Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2009-0185 (GCVE-0-2009-0185)
Vulnerability from cvelistv5 – Published: 2009-06-02 18:00 – Updated: 2024-08-07 04:24
VLAI?
EPSS
Summary
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35091",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35091"
},
{
"name": "quicktime-msadpcm-bo(50894)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50894"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-6/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3591"
},
{
"name": "1022314",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022314"
},
{
"name": "oval:org.mitre.oval:def:15727",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15727"
},
{
"name": "ADV-2009-1469",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"name": "35163",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35163"
},
{
"name": "20090602 Secunia Research: Apple QuickTime MS ADPCM Encoding Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504006/100/0/threaded"
},
{
"name": "APPLE-SA-2009-06-01-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"name": "54879",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54879"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "35091",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35091"
},
{
"name": "quicktime-msadpcm-bo(50894)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50894"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-6/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3591"
},
{
"name": "1022314",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022314"
},
{
"name": "oval:org.mitre.oval:def:15727",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15727"
},
{
"name": "ADV-2009-1469",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"name": "35163",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35163"
},
{
"name": "20090602 Secunia Research: Apple QuickTime MS ADPCM Encoding Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504006/100/0/threaded"
},
{
"name": "APPLE-SA-2009-06-01-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"name": "54879",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54879"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-0185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35091",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35091"
},
{
"name": "quicktime-msadpcm-bo(50894)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50894"
},
{
"name": "http://secunia.com/secunia_research/2009-6/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-6/"
},
{
"name": "http://support.apple.com/kb/HT3591",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3591"
},
{
"name": "1022314",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022314"
},
{
"name": "oval:org.mitre.oval:def:15727",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15727"
},
{
"name": "ADV-2009-1469",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"name": "35163",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35163"
},
{
"name": "20090602 Secunia Research: Apple QuickTime MS ADPCM Encoding Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504006/100/0/threaded"
},
{
"name": "APPLE-SA-2009-06-01-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"name": "54879",
"refsource": "OSVDB",
"url": "http://osvdb.org/54879"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2009-0185",
"datePublished": "2009-06-02T18:00:00.000Z",
"dateReserved": "2009-01-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:18.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-QV5R-JV89-CR4V
Vulnerability from github – Published: 2022-05-02 03:13 – Updated: 2025-04-09 04:10
VLAI?
Details
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.
{
"affected": [],
"aliases": [
"CVE-2009-0185"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-06-02T18:30:00Z",
"severity": "HIGH"
},
"details": "Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.",
"id": "GHSA-qv5r-jv89-cr4v",
"modified": "2025-04-09T04:10:19Z",
"published": "2022-05-02T03:13:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0185"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50894"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15727"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/54879"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/35091"
},
{
"type": "WEB",
"url": "http://secunia.com/secunia_research/2009-6"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3591"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/504006/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/35163"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1022314"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/1469"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2009-0185
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2009-0185",
"description": "Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.",
"id": "GSD-2009-0185"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2009-0185"
],
"details": "Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.",
"id": "GSD-2009-0185",
"modified": "2023-12-13T01:19:43.791419Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-0185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35091",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35091"
},
{
"name": "quicktime-msadpcm-bo(50894)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50894"
},
{
"name": "http://secunia.com/secunia_research/2009-6/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-6/"
},
{
"name": "http://support.apple.com/kb/HT3591",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3591"
},
{
"name": "1022314",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022314"
},
{
"name": "oval:org.mitre.oval:def:15727",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15727"
},
{
"name": "ADV-2009-1469",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"name": "35163",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35163"
},
{
"name": "20090602 Secunia Research: Apple QuickTime MS ADPCM Encoding Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504006/100/0/threaded"
},
{
"name": "APPLE-SA-2009-06-01-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"name": "54879",
"refsource": "OSVDB",
"url": "http://osvdb.org/54879"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:4.1.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.4.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.3.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.2.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:4.1.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.3.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.4:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.5:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.5:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.4:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.5:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.6:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.5:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.6:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.1.70:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.4.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.2.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.4:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2:*:vista:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.5:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.5:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-0185"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3591",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT3591"
},
{
"name": "APPLE-SA-2009-06-01-1",
"refsource": "APPLE",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"name": "35091",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35091"
},
{
"name": "http://secunia.com/secunia_research/2009-6/",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-6/"
},
{
"name": "35163",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/35163"
},
{
"name": "ADV-2009-1469",
"refsource": "VUPEN",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"name": "1022314",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1022314"
},
{
"name": "54879",
"refsource": "OSVDB",
"tags": [],
"url": "http://osvdb.org/54879"
},
{
"name": "quicktime-msadpcm-bo(50894)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50894"
},
{
"name": "oval:org.mitre.oval:def:15727",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15727"
},
{
"name": "20090602 Secunia Research: Apple QuickTime MS ADPCM Encoding Buffer Overflow",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/504006/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2018-10-30T16:25Z",
"publishedDate": "2009-06-02T18:30Z"
}
}
}
FKIE_CVE-2009-0185
Vulnerability from fkie_nvd - Published: 2009-06-02 18:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D23D725-2D79-4E21-9273-30D8753B8E53",
"versionEndIncluding": "7.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE08FAE-0862-4C36-95BC-878B04CBF397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F310A8-F760-4059-987D-42369F360DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F71BC599-FCBE-4F1F-AA24-41AF91F82226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:4.1.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "ACE0F153-80B3-4469-AE49-4B7517218574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:4.1.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "03C15EB0-1D29-4DBE-B2C0-FE9365E8D624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41473E1D-B988-4312-B16B-D340508DD473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCC2EBC0-F2A6-4709-9A27-CF63BC578744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "53527707-E903-4A12-AB87-6EC5FA9F2EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "EE3EAE38-9DE6-450D-BCD0-70E590C1F76E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "844E1B14-A13A-47F1-9C82-02EAEED1A911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "A91242F5-485E-4125-A19C-4C20B602DD5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "63D7214C-FAF6-4DCA-8520-8A539BDCD98A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "80747BDD-70E9-4E74-896F-C79D014F1B2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "0D02D35D-E957-4949-B5DA-F3654B13A308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4C6772-CD24-46FD-AEBE-BF8BB16B5BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "8399665C-F8A8-4133-A0CD-E767F8266E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "FC48F2B6-4BC7-4B57-ADE2-4907287A1AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85ADED98-62C6-4961-894C-1D26E3B3EE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "F7B48C74-28CC-4348-9CF9-9AF58C7A5E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "6469AEDC-6F9D-4CAC-84B2-F13107626FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F522CEA4-B3BB-4C94-B070-6679EEA43439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "904FA4B7-A6CB-48B4-B887-4B349479D1A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "CB2DFC1B-6452-4575-A099-2E5FD387A8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1E140B-BCB4-4B3C-B287-E9E944E08DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B630944-F838-4C02-90D4-F5EB2A073CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "B2FC05FE-5A85-4D78-BAAF-FFCC2CC4CAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "01A24DD9-5AB8-4091-A293-1A2D7953D455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9066C81B-A69F-450D-8606-5E29AF1AD286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "BB113931-F886-425C-A0F8-171F6D71A02F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "D282FA67-0089-4ED5-8168-E3CE8B510BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71285AD2-3966-4817-B630-8335BE985D56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.2.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "0A2B95BD-A728-4EE7-A4C9-E1547C34E8E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.2.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "2B5928A2-C989-4B27-91E1-7019277B2E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2458480E-F222-452A-AB21-933F924F8F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.3.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "05AA3258-E556-4443-AF79-96882A9CF33C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.3.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "51292C8C-4905-4C30-B166-ACCE39D9DEE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30C83A78-6BB9-443E-B508-CC6F8D157A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.4.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "546B9E74-E86B-462B-A58E-017E3B780B63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.4.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "3433487A-98ED-4C28-8659-609BF395E23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7CB5C4-9A5A-4831-8FFD-0D261619A7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61463F4F-BBE0-42AA-AC22-8F39E94EB520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "579E49C1-2F66-4CCB-AAE4-6C15089C2D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "335F4D89-983A-4C05-937A-EEE802A260D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CE0B67-0794-472D-A2C0-CC5CA0E36370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "49477EAA-5AA2-4B55-8BEF-AB3E118DE618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "7F189FAB-3BA1-4C1B-975F-E174D5CB8771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5DDF47-5AA5-4EE3-B12D-9218F528EFE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "19AAC0DE-53D7-42E4-90D2-939C5DF6F651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "F7A30674-38BA-49B8-9DE0-4C9FB5A62DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F075BA0F-4A96-4F25-AF1D-C64C7DCE1CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0:*:windows:*:*:*:*:*",
"matchCriteriaId": "BC1B46A6-E032-4E24-B367-F5A94E770FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "284BAF97-86BC-4520-BAB6-D75D18FFA1DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E39C4-6A08-4C38-BC7D-573F40978527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "04F44BB3-5221-4D8A-ABC3-C51EC76A5B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "3F4075B0-0F9F-466B-8521-2156849247C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8692B488-129A-49EA-AF84-6077FCDBB898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E0B99DA-3BDA-4848-85BB-EC0D002A73F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "E1B24679-4C63-4320-A79F-E19CCFA537D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "DF2A6BCB-108E-4226-BC31-6E0057DFB6D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1758610B-3789-489E-A751-386D605E5A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "5EDE46EA-5B6A-4B59-8BAA-CD803F6D5FD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "D0D28529-2A0A-4398-98C2-C35BABB9373A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "F8BF6A6A-F734-4395-9305-2E9F52EE888F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B535737C-BF32-471C-B26A-588632FCC427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.3:-:mac:*:*:*:*:*",
"matchCriteriaId": "402BBD8E-4960-43C0-8D46-6F20BBA6BF2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "AFCB45F3-397E-42A8-8D08-ECF667939FF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2C61F8-B376-40F9-8677-CADCC3295915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.4:-:mac:*:*:*:*:*",
"matchCriteriaId": "BDBD1E93-C675-4248-ACE6-C49DBE7B3E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*",
"matchCriteriaId": "D5C04F70-E2E6-48F4-948D-9D0C7B2A2F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6254BB56-5A25-49DC-A851-3CCA249BD71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0E0EA8-2947-44F9-BCFA-F4CFA34E9EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "EA16CB14-D053-4CDB-B80A-8AC9D17FACAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "E1DB3FBD-40F4-41FB-A939-3E3A4D0D85B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "795E3354-7824-4EF4-A788-3CFEB75734E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "60500521-46FC-4734-901C-0A5E5D3DB9EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "F45B47BB-E14F-4437-8828-EF059496BF95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9419A1E9-A0DA-4846-8959-BE50B53736E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "682C7A59-6F3C-4E50-A145-D081614CD42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "9B353211-F90E-4F38-9D0B-B8C7EC00E66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "952A8015-B18B-481C-AC17-60F0D7EEE085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.3:-:mac:*:*:*:*:*",
"matchCriteriaId": "D69BB04E-E696-4B34-95DE-B42F46697F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "F6A44CA9-D257-4BB7-B5AB-23193F35FCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3E518B27-A79B-43A4-AFA6-E59EF8E944D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.4:-:mac:*:*:*:*:*",
"matchCriteriaId": "C0638BF3-4B18-4747-AD33-D04B3B4E217F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.4:-:windows:*:*:*:*:*",
"matchCriteriaId": "9B8F4241-551B-492D-8602-06146B05CF13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AEC6EF36-93B3-49BB-9A6F-1990E3F4170E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.5:-:mac:*:*:*:*:*",
"matchCriteriaId": "CF370413-96F7-4882-899F-577A8F3DAD47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.5:-:windows:*:*:*:*:*",
"matchCriteriaId": "2BA9C6F7-513B-426F-90AD-7E826433CEF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1B5F2F-CDBF-4AEF-9F78-0C010664B9E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.6:-:mac:*:*:*:*:*",
"matchCriteriaId": "2D9ECCF0-1CF4-4201-8002-EFF6C5331DB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.6:-:windows:*:*:*:*:*",
"matchCriteriaId": "5B709D68-8474-4AAE-AA11-777EF510E1AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "98C9B657-5484-4458-861E-D6FB5019265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2:*:vista:*:*:*:*:*",
"matchCriteriaId": "6F1AC0EA-202C-47F8-8104-C10A5BBEDF1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B84D320E-ACA2-4B6E-B682-00202B9ADF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "B2706818-E87A-4BF7-AC10-CFA28ABE4B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "4DCEE583-6CD2-4098-9A2A-B006A5023318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81E0F160-4B70-45CD-B8AC-AB30ADDB8D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "268B4FBA-D6AC-4595-898A-721E284F3399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "52AD56F9-0CE6-4949-9853-3274A2C81601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF20D38-BFA3-4403-AB24-7B74EFD68229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97FEBA83-C845-4334-9B9A-921BA0F44DE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "DA476E79-5145-4EE3-BD81-3773C6B19825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "555B1A2A-95F5-4B06-8774-FF952BEC2FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CE2A89-B2FC-413D-A059-526E6DE301BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "1BB8C8C6-2751-4704-B999-FBF5BC2FDA74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "CEA210F5-71F6-4528-B2B4-507AA4A435EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.1.70:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9F7DCE-EE65-4CD5-AA21-208B2AAF09EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "31662D02-7FA9-4FAD-BE49-194B7295CEE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C835F2-4F9E-45A6-8112-C2D8CB1A39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "D0E4F2DB-1C1A-4440-8D1B-C18F41E2603C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "081712FF-C6B8-423B-8F20-C79D25DE782F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8461AF0A-D4D3-4010-A881-EDBB95003083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "D7B3A3F0-EE97-49B6-A92A-D5D2D7171913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "CF045B49-11A3-447A-9D05-1E8794980A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E1332A-5B4D-4590-BFA5-4557C71F894B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5C8E5C77-573F-4EA3-A59C-4A7B11946E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.5:-:mac:*:*:*:*:*",
"matchCriteriaId": "428DCE6C-B2EC-4BFF-BA65-DB14F1CC964F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.5:-:windows:*:*:*:*:*",
"matchCriteriaId": "939BE521-A385-4A1A-B4B0-C4687751D4A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0DC01580-460A-4DC3-BB6D-A9B2254EF6D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6E08BF-737E-4512-9BB8-5B4B03A2F8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "2AC5D3A0-A7BB-4C0F-94FF-8ED54FB62A51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "304CFC80-E925-4CB8-8251-0FD0F09B8410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D22D0674-0EC7-4176-97FB-940F2F7D6AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.5:-:mac:*:*:*:*:*",
"matchCriteriaId": "4DDB8D28-183F-4B16-8610-592A210311E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.5:-:windows:*:*:*:*:*",
"matchCriteriaId": "DFD95CD9-E387-4EC8-B6EA-FBC6961E4C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A6470EC-B72B-404C-9E69-03C3FEFD56F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en Apple QuickTime anterior a la v7.6.2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o producir una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de datos de audio codificados como MS ADPCM en un fichero de pel\u00edcula AVI."
}
],
"id": "CVE-2009-0185",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-06-02T18:30:00.187",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/54879"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35091"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-6/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT3591"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/504006/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/35163"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securitytracker.com/id?1022314"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50894"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT3591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/504006/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15727"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTA-2009-AVI-206
Vulnerability from certfr_avis - Published: 2009-06-03 - Updated: 2009-06-03
Plusieurs vulnérabilités ont été identifiées dans le lecteur multimédia Apple QuickTime. L'exploitation de celles-ci permet à une personne malveillante de perturber le service, voire d'exécuter du code arbitraire sur le système vulnérable.
Description
Plusieurs vulnérabilités ont été identifiées dans le lecteur multimédia Apple QuickTime. Ce dernier ne manipulerait pas correctement certains formats de fichiers, comme les données vidéo de type Sorenson 3, les fichiers compressés par FLI/FLC, les images compressées par PSD ou aux formats PICT et JP2.
L'exploitation de ces vulnérabilités peut être réalisée avec des fichiers spécialement construits puis insérés dans des pages Web. Cela permet à une personne malveillante, à distance, de perturber le service, voire d'exécuter du code arbitraire sur le système vulnérable.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Apple QuickTime pour les versions antérieures à 7.6.2.
Les systèmes d'exploitation peuvent être indifféremment Apple Mac OS X ou Microsoft Windows.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cUL\u003e \u003cLI\u003eApple QuickTime pour les versions ant\u00e9rieures \u00e0 7.6.2.\u003c/LI\u003e \u003c/UL\u003e \u003cP\u003eLes syst\u00e8mes d\u0027exploitation peuvent \u00eatre indiff\u00e9remment Apple Mac OS X ou Microsoft Windows.\u003c/P\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le lecteur multim\u00e9dia\nApple QuickTime. Ce dernier ne manipulerait pas correctement certains\nformats de fichiers, comme les donn\u00e9es vid\u00e9o de type Sorenson 3, les\nfichiers compress\u00e9s par FLI/FLC, les images compress\u00e9es par PSD ou aux\nformats PICT et JP2.\n\nL\u0027exploitation de ces vuln\u00e9rabilit\u00e9s peut \u00eatre r\u00e9alis\u00e9e avec des\nfichiers sp\u00e9cialement construits puis ins\u00e9r\u00e9s dans des pages Web. Cela\npermet \u00e0 une personne malveillante, \u00e0 distance, de perturber le service,\nvoire d\u0027ex\u00e9cuter du code arbitraire sur le syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-0954",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0954"
},
{
"name": "CVE-2009-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0010"
},
{
"name": "CVE-2009-0957",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0957"
},
{
"name": "CVE-2009-0951",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0951"
},
{
"name": "CVE-2009-0955",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0955"
},
{
"name": "CVE-2009-0185",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0185"
},
{
"name": "CVE-2009-0188",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0188"
},
{
"name": "CVE-2009-0952",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0952"
},
{
"name": "CVE-2009-0956",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0956"
},
{
"name": "CVE-2009-0953",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0953"
}
],
"initial_release_date": "2009-06-03T00:00:00",
"last_revision_date": "2009-06-03T00:00:00",
"links": [
{
"title": "Note de s\u00e9curit\u00e9 Apple HT3591 du 01 juin 2009\u00a0:",
"url": "http://support.apple.com/kb/HT3591"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple 106704 du 01 juin 2009 :",
"url": "http://docs.info.apple.com/article.html?artnum=106704"
},
{
"title": "Note de s\u00e9curit\u00e9 Apple HT3520 du 01 juin 2009\u00a0:",
"url": "http://support.apple.com/kb/HT3520"
}
],
"reference": "CERTA-2009-AVI-206",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-06-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le lecteur multim\u00e9dia\nApple QuickTime. L\u0027exploitation de celles-ci permet \u00e0 une personne\nmalveillante de perturber le service, voire d\u0027ex\u00e9cuter du code\narbitraire sur le syst\u00e8me vuln\u00e9rable.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple QuickTime",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT3591 du 01 juin 2009",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…