CVE-2006-1463
Apple QuickTime H.264 Parsing Buffer Overflow Vulnerability
Severity Score
5.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value.
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime media player.
The specific flaw exists within the parsing of H.264 content. The implicit trust of a user-supplied size value during a memory copy loop allows an attacker to create an exploitable memory corruption condition. Exploitation requires that an attacker either coerce the target to open a malformed media file or visit a website embedding the malicious file.
*Credits:
ATmaCA
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-03-28 CVE Reserved
- 2006-05-11 CVE Published
- 2023-03-16 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://securityreason.com/securityalert/888 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/433828/100/0/threaded | Mailing List | |
| http://www.us-cert.gov/cas/techalerts/TA06-132B.html | Third Party Advisory | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/26396 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2006/May/msg00002.html | 2018-10-18 | |
| http://secunia.com/advisories/20069 | 2018-10-18 | |
| http://securitytracker.com/id?1016067 | 2018-10-18 | |
| http://www.securityfocus.com/bid/17953 | 2018-10-18 | |
| http://www.zerodayinitiative.com/advisories/ZDI-06-015.html | 2018-10-18 |
| URL | Date | SRC |
|---|---|---|
| http://www.vupen.com/english/advisories/2006/1778 | 2018-10-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Quicktime Search vendor "Apple" for product "Quicktime" | 7.0.3 Search vendor "Apple" for product "Quicktime" and version "7.0.3" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Quicktime Search vendor "Apple" for product "Quicktime" | 7.0.4 Search vendor "Apple" for product "Quicktime" and version "7.0.4" | - |
Affected
| ||||||