CVE-2008-1014
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information.
Apple QuickTime antes de 7.4.5 no maneja adecuadamente URLs externas en películas, lo que permite a atacantes remotos obtener información sensible.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-02-26 CVE Reserved
- 2008-04-04 CVE Published
- 2024-08-07 CVE Updated
- 2024-11-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://securitytracker.com/id?1019758 | Vdb Entry | |
| http://support.apple.com/kb/HT1241 | X_refsource_confirm |
|
| http://www.securityfocus.com/bid/28583 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/1078 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41602 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/29650 | 2017-08-08 | |
| http://www.us-cert.gov/cas/techalerts/TA08-094A.html | 2017-08-08 |
| URL | Date | SRC |
|---|