fkie_nvd - fkie_cve-2010-0528

fkie_cve-2010-0528

Vulnerability from fkie_nvd

Published

2010-03-31 18:30

Modified

2025-04-11 00:51

Severity ?

Summary

Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length value.

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html	Patch, Vendor Advisory
product-security@apple.com	http://www.securityfocus.com/archive/1/510518/100/0/threaded
product-security@apple.com	http://www.zerodayinitiative.com/advisories/ZDI-10-042
product-security@apple.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6989
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/510518/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.zerodayinitiative.com/advisories/ZDI-10-042
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6989

Impacted products

Vendor	Product	Version
apple	quicktime	*
apple	quicktime	7.0.0
apple	quicktime	7.0.1
apple	quicktime	7.0.2
apple	quicktime	7.0.3
apple	quicktime	7.0.4
apple	quicktime	7.1.0
apple	quicktime	7.1.1
apple	quicktime	7.1.2
apple	quicktime	7.1.3
apple	quicktime	7.1.4
apple	quicktime	7.1.5
apple	quicktime	7.1.6
apple	quicktime	7.2.0
apple	quicktime	7.2.1
apple	quicktime	7.3.0
apple	quicktime	7.3.1
apple	quicktime	7.4.0
apple	quicktime	7.4.1
apple	quicktime	7.4.5
apple	quicktime	7.5.0
apple	quicktime	7.5.5
apple	quicktime	7.6.1
apple	quicktime	7.6.6
microsoft	windows_7	*
microsoft	windows_vista	*
microsoft	windows_xp	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:quicktime:*:-:windows:*:*:*:*:*",
              "matchCriteriaId": "B27C0810-E6C3-44D9-8EA1-BBCF0C681F71",
              "versionEndIncluding": "7.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "3F4075B0-0F9F-466B-8521-2156849247C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "DF2A6BCB-108E-4226-BC31-6E0057DFB6D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "F8BF6A6A-F734-4395-9305-2E9F52EE888F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*",
              "matchCriteriaId": "AFCB45F3-397E-42A8-8D08-ECF667939FF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*",
              "matchCriteriaId": "D5C04F70-E2E6-48F4-948D-9D0C7B2A2F3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "E1DB3FBD-40F4-41FB-A939-3E3A4D0D85B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "F45B47BB-E14F-4437-8828-EF059496BF95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "9B353211-F90E-4F38-9D0B-B8C7EC00E66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:*",
              "matchCriteriaId": "F6A44CA9-D257-4BB7-B5AB-23193F35FCB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.4:-:windows:*:*:*:*:*",
              "matchCriteriaId": "9B8F4241-551B-492D-8602-06146B05CF13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.5:-:windows:*:*:*:*:*",
              "matchCriteriaId": "2BA9C6F7-513B-426F-90AD-7E826433CEF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.6:-:windows:*:*:*:*:*",
              "matchCriteriaId": "5B709D68-8474-4AAE-AA11-777EF510E1AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.2.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "4DCEE583-6CD2-4098-9A2A-B006A5023318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.2.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "52AD56F9-0CE6-4949-9853-3274A2C81601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.3.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "555B1A2A-95F5-4B06-8774-FF952BEC2FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.3.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "CEA210F5-71F6-4528-B2B4-507AA4A435EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.4.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "081712FF-C6B8-423B-8F20-C79D25DE782F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.4.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "CF045B49-11A3-447A-9D05-1E8794980A81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.4.5:-:windows:*:*:*:*:*",
              "matchCriteriaId": "939BE521-A385-4A1A-B4B0-C4687751D4A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.5.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "304CFC80-E925-4CB8-8251-0FD0F09B8410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.5.5:-:windows:*:*:*:*:*",
              "matchCriteriaId": "DFD95CD9-E387-4EC8-B6EA-FBC6961E4C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.6.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "B907F62E-696E-41C6-9748-F16D0D96982C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.6.6:-:windows:*:*:*:*:*",
              "matchCriteriaId": "D67759D7-A89D-4CE4-80EB-3C831EBB10C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length value."
    },
    {
      "lang": "es",
      "value": "QuickTime de Apple anterior a versi\u00f3n 7.6.6 sobre Windows, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de aplicaci\u00f3n) por medio de tablas de color especialmente dise\u00f1adas en un archivo de pel\u00edcula, relacionadas con datos de MediaVideo malformado, un \u00e1tomo de descripci\u00f3n de muestra (STSD) y un valor de longitud especialmente dise\u00f1ado."
    }
  ],
  "evaluatorImpact": "Per: http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html\r\n\r\n\u0027This issue does not affect Mac OS X systems.\u0027",
  "id": "CVE-2010-0528",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-03-31T18:30:00.313",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securityfocus.com/archive/1/510518/100/0/threaded"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-042"
    },
    {
      "source": "product-security@apple.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6989"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/510518/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6989"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2010-0528 (GCVE-0-2010-0528)

Vulnerability from cvelistv5

Published

2010-03-31 18:00