CVE-2005-2756
quicktime-pict-adv.txt
Descriptions
Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion.
Apple QuickTime PictureViewer is reported prone to a remote memory overwrite vulnerability (exploitable via remotely originated content). Expansion of compressed PICT data could exceed the size of the destination buffer, which causes a memory overwrite. The vulnerability may lead to remote code execution when a specially crafted picture file (PICT file) is being loaded. Software affected: QuickTime package 7.0.1 for Mac OS X 10.3, QuickTime package 7.0.1 for Mac OS X 10.4, QuickTime package 6.5.2 for Mac OS X 10.3, QuickTime package 6.5.2 for Mac OS X 10.2, QuickTime package 7x for Windows.
Timeline
- 2005-08-30 CVE Reserved
- 2005-11-04 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
References (10)
URL | Tag | Source |
---|---|---|
http://docs.info.apple.com/article.html?artnum=302772 | X_refsource_confirm | |
http://secunia.com/advisories/17428 | Third Party Advisory | |
http://securityreason.com/securityalert/144 | Third Party Advisory | |
http://www.kb.cert.org/vuls/id/855118 | Third Party Advisory | |
http://www.osvdb.org/20478 | Vdb Entry | |
http://www.securityfocus.com/archive/1/415714/30/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/15309 | Vdb Entry | |
http://www.vupen.com/english/advisories/2005/2293 | Vdb Entry | |

URL | Date | SRC |
---|---|---|
http://securitytracker.com/id?1015152 | 2018-10-19 | |
http://pb.specialised.info/all/adv/quicktime-pict-adv.txt | 2018-10-19 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Apple | Quicktime | <= 7.0.2 | windows | Affected |
Apple | Quicktime | 6.5.2 | mac_os_x_10.2 | Affected |
Apple | Quicktime | 6.5.2 | mac_os_x_10.3 | Affected |
Apple | Quicktime | 7.0 | windows | Affected |
Apple | Quicktime | 7.0.1 | mac_os_x_10.3 | Affected |
Apple | Quicktime | 7.0.1 | mac_os_x_10.4 | Affected |
Apple | Quicktime | 7.0.1 | windows | Affected |