var-200609-0311
Vulnerability from variot

Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie. Apple QuickTime fails to properly handle SGI images. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Successful exploits may facilitate a remote compromise of affected computers.

Apple QuickTime FLIC File Heap Overflow Vulnerability

iDefense Security Advisory 09.12.06
http://www.idefense.com/intelligence/vulnerabilities/
Sep 12, 2006

I. BACKGROUND

Quicktime is Apple's media player product used to render video and other media. For more information visit http://www.apple.com/quicktime/

II.

A FLIC file is an animation file consisting of a number of frames, each of which is made up of an image and may contain other information such as a palette or a label.

The vulnerability specifically exists in the handling of the COLOR_64 chunk in FLIC format files. QuickTime does not validate that the data size allocated to store the palette is large enough, allowing a malformed file to cause controllable heap corruption.
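An added example, not code from the advisory or from QuickTime: a C routine that applies a COLOR_64 chunk to a fixed 256-entry palette and rejects any packet whose skip/count pair would write outside it. The chunk layout (6-byte header, packet count, then skip/count/RGB packets) follows the publicly documented FLIC format and is an assumption here, as are all function, constant and sample names; the 0x00RRGGBB packing mirrors the 0x00XXYYZZ form the advisory mentions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FLI_COLOR_64  11u    /* chunk type: palette with 6-bit components */
#define PALETTE_SLOTS 256u

enum flic_status {
    FLIC_OK = 0, FLIC_TRUNCATED = -1, FLIC_BAD_TYPE = -2,
    FLIC_BAD_SIZE = -3, FLIC_PALETTE_OVERRUN = -4, FLIC_BAD_COMPONENT = -5
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
/* Expand a 6-bit component (0..63) to 8 bits (0..255). */
static uint32_t scale6(uint8_t c) { return (uint32_t)((c << 2) | (c >> 4)); }

/* Apply one COLOR_64 chunk to `palette`. Nothing is written unless the whole
 * chunk validates, so a malformed file leaves the palette untouched. */
int flic_apply_color64(const uint8_t *buf, size_t len,
                       uint32_t palette[PALETTE_SLOTS])
{
    if (len < 8) return FLIC_TRUNCATED;        /* header (6) + packet count (2) */
    size_t end = rd32(buf);                    /* chunk size declared in file */
    if (rd16(buf + 4) != FLI_COLOR_64) return FLIC_BAD_TYPE;
    if (end < 8 || end > len) return FLIC_BAD_SIZE;

    uint32_t staged[PALETTE_SLOTS];
    memcpy(staged, palette, sizeof staged);

    uint16_t packets = rd16(buf + 6);
    size_t pos = 8, index = 0;
    for (uint16_t i = 0; i < packets; i++) {
        if (end - pos < 2) return FLIC_TRUNCATED;
        size_t skip  = buf[pos];
        size_t count = buf[pos + 1] ? buf[pos + 1] : 256;  /* 0 means 256 */
        pos += 2;
        index += skip;
        /* The check whose absence the advisory describes: the destination
         * range must fit inside the palette that was actually allocated. */
        if (index > PALETTE_SLOTS || count > PALETTE_SLOTS - index)
            return FLIC_PALETTE_OVERRUN;
        /* The source bytes must exist inside the declared chunk as well. */
        if ((end - pos) / 3 < count) return FLIC_TRUNCATED;
        for (size_t k = 0; k < count; k++, pos += 3) {
            uint8_t r = buf[pos], g = buf[pos + 1], b = buf[pos + 2];
            /* Strict policy chosen for this example: reject values > 63. */
            if ((r | g | b) > 63) return FLIC_BAD_COMPONENT;
            staged[index++] = (scale6(r) << 16) | (scale6(g) << 8) | scale6(b);
        }
    }
    memcpy(palette, staged, sizeof staged);
    return FLIC_OK;
}

/* Constructed sample chunks (not taken from any real file). */
static const uint8_t SAMPLE_OK[] = {        /* 1 packet: skip 2, write 2 */
    0x10, 0, 0, 0,  0x0B, 0,  0x01, 0,  0x02, 0x02,
    0x3F, 0x00, 0x3F,  0x00, 0x20, 0x00 };
static const uint8_t SAMPLE_OVERRUN[] = {   /* skip 255, write 2: slot 256 */
    0x10, 0, 0, 0,  0x0B, 0,  0x01, 0,  0xFF, 0x02,
    0x01, 0x02, 0x03,  0x04, 0x05, 0x06 };
static const uint8_t SAMPLE_TRUNCATED[] = { /* claims 2 colours, carries 1 */
    0x0D, 0, 0, 0,  0x0B, 0,  0x01, 0,  0x00, 0x02,
    0x01, 0x02, 0x03 };

int main(void)
{
    uint32_t pal[PALETTE_SLOTS] = {0};
    printf("ok        -> %d\n", flic_apply_color64(SAMPLE_OK, sizeof SAMPLE_OK, pal));
    printf("overrun   -> %d\n", flic_apply_color64(SAMPLE_OVERRUN, sizeof SAMPLE_OVERRUN, pal));
    printf("truncated -> %d\n", flic_apply_color64(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED, pal));
    printf("pal[2] = 0x%08X\n", (unsigned)pal[2]);
    return 0;
}
```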

III. In order to exploit this vulnerability, attackers must social engineer victims into visiting a website under their control.

The QuickTime plugin can be forced to load in Firefox and Internet Explorer. Furthermore, testing shows that either browser can be used as an attack vector. It is also possible to open this type of file directly from within QuickTime or from a playlist that QuickTime has opened.

The data being used to overwrite the heap is in the form 0x00XXYYZZ, where XX, YY and ZZ are controllable. This limits the range of values that can be overwritten, but does not prevent it.

IV. DETECTION

iDefense Labs confirmed that version 7.1 of the QuickTime player is vulnerable. It is suspected that all previous versions are also affected.

V. WORKAROUND

iDefense is currently unaware of any effective workarounds for this vulnerability.

VI. VENDOR RESPONSE

" QuickTime 7.1.3 may be obtained from the Software Update pane in System Preferences, or from the Download tab in the QuickTime site http://www.apple.com/quicktime/

For Mac OS X v10.3.9 or later
The download file is named: "QuickTimeInstallerX.dmg"
Its SHA-1 digest is: 55cfeb0d92d8e0a0694267df58d2b53526d24d3d

QuickTime 7.1.3 for Windows 2000/XP
The download file is named: "QuickTimeInstaller.exe"
Its SHA-1 digest is: 047a9f2d88c8a865b4ad5f24c9904b8727ba71e7

QuickTime 7.1.3 with iTunes for Windows 2000/XP
The download file is named: "iTunesSetup.exe"
Its SHA-1 digest is: 5cdc86b2edb1411b9a022f05b1bfbe858fbcf901

Information will also be posted to the Apple Product Security web site: http://docs.info.apple.com/article.html?artnum=61798 "

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2006-4384 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.

VIII. DISCLOSURE TIMELINE

08/16/2006 Initial vendor notification
08/16/2006 Initial vendor response
09/12/2006 Coordinated public disclosure

IX. CREDIT

This vulnerability was reported to iDefense by Rubén Santamarta of reversemode.com.

Get paid for vulnerability research http://www.idefense.com/methodology/vulnerability/vcp.php

Free tools, research and upcoming events http://labs.iDefense.com/

X. LEGAL NOTICES

Copyright © 2006 iDefense, Inc.

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@iDefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

McAfee, Inc. QuickTime is used by the Mac OS X operating system and by the QuickTime media player for Microsoft Windows.

Seven code execution vulnerabilities are present in QuickTime support for various multimedia formats including: MOV, H.264, FLC, FPX and SGI.

Exploitation could lead to execution of arbitrary code. User interaction is required for an attack to succeed.

The risk rating for these issues is medium.


  • Vulnerable Systems

QuickTime 7.1.2 and below for Mac OS X
QuickTime for Windows 7.1.2 and below


  • Vulnerability Information

CVE-2006-4382

Two buffer overflow vulnerabilities are present in QuickTime MOV format support.

CVE-2006-4385

One buffer overflow vulnerability is present in QuickTime SGI format support.

CVE-2006-4386

One buffer overflow vulnerability is present in QuickTime MOV H.264 format support.

CVE-2006-4389

One uninitialized memory access vulnerability is present in QuickTime FlashPix (FPX) format support.


  • Resolution

Apple has included fixes for the QuickTime issues in QuickTime version 7.1.3 for Mac OS X and for Microsoft Windows.

Further information is available at: http://docs.info.apple.com/article.html?artnum=304357


  • Credits

These vulnerabilities were discovered by Mike Price of McAfee Avert Labs. The information contained within this advisory is provided for the convenience of McAfee's customers, and may be redistributed provided that no fee is charged for distribution and that the advisory is not modified in any way. McAfee makes no representations or warranties regarding the accuracy of the information referenced in this document, or the suitability of that information for your purposes.

McAfee, Inc. and McAfee Avert Labs are registered Trademarks of McAfee, Inc. and/or its affiliated companies in the United States and/or other Countries. All other registered and unregistered trademarks in this document are the sole property of their respective owners.

Best regards,

Dave Marcus, B.A., CCNA, MCSE
Security Research and Communications Manager
McAfee(r) Avert(r) Labs

I. Since QuickTime configures most web browsers to handle QuickTime media files, an attacker could exploit these vulnerabilities using a web page.

Note that QuickTime ships with Apple iTunes.

For more information, please refer to the Vulnerability Notes.

Solution

Upgrade QuickTime

Upgrade to QuickTime 7.1.3.

Disable QuickTime in your web browser

An attacker may be able to exploit this vulnerability by persuading a user to access a specially crafted file with a web browser. For more information, refer to the Securing Your Web Browser document. Please send email to cert@cert.org with "TA06-256A Feedback VU#540348" in the subject.


Produced 2006 by US-CERT, a government organization.

Terms of use:

 <http://www.us-cert.gov/legal.html>

Revision History

September 13, 2006: Initial release



Gentoo Linux Security Advisory GLSA 200803-08


                                        http://security.gentoo.org/

Severity: Normal
Title: Win32 binary codecs: Multiple vulnerabilities
Date: March 04, 2008
Bugs: #150288
ID: 200803-08


Synopsis

Multiple vulnerabilities in the Win32 codecs for Linux may result in the remote execution of arbitrary code.

Background

Win32 binary codecs provide support for video and audio playback.

Workaround

There is no known workaround at this time.

Resolution

All Win32 binary codecs users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/win32codecs-20071007-r2"

Note: Since no updated binary versions have been released, the Quicktime libraries have been removed from the package. Please use the free alternative Quicktime implementations within VLC, MPlayer or Xine for playback.

References

[ 1 ] CVE-2006-4382 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4382
[ 2 ] CVE-2006-4384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4384
[ 3 ] CVE-2006-4385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4385
[ 4 ] CVE-2006-4386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4386
[ 5 ] CVE-2006-4388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4388
[ 6 ] CVE-2006-4389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4389
[ 7 ] CVE-2007-4674 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4674
[ 8 ] CVE-2007-6166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6166

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200803-08.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200609-0311",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": null,
        "trust": 4.8,
        "vendor": "apple computer",
        "version": null
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.5.1"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.5"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.5.2"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "quicktime",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.2"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "quicktime",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.1.3"
      },
      {
        "model": "media-libs/win32codecs 20071007-r2",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1.2"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.5.2"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.5.1"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.5"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6"
      },
      {
        "model": "quicktime player",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1.3"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#489836"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308204"
      },
      {
        "db": "CERT/CC",
        "id": "VU#200316"
      },
      {
        "db": "CERT/CC",
        "id": "VU#683700"
      },
      {
        "db": "CERT/CC",
        "id": "VU#554252"
      },
      {
        "db": "CERT/CC",
        "id": "VU#540348"
      },
      {
        "db": "BID",
        "id": "19976"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001145"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-173"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4384"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.2:*:mac_os_x_10.2:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.2:*:mac_os_x_10.3:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:*:mac_os_x_10.4:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:*:windows:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.1.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:*:mac_os_x_10.3:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0:*:windows:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:*:windows:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-4384"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sowhat smaillist@gmail.com Mike PricePiotr Bania bania.piotr@gmail.com Ruben Santamarta ruben@reversemode.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-173"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-4384",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": true,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.1,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2006-4384",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "VHN-20492",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2006-4384",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#489836",
            "trust": 0.8,
            "value": "27.00"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#308204",
            "trust": 0.8,
            "value": "27.00"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#200316",
            "trust": 0.8,
            "value": "0.08"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#683700",
            "trust": 0.8,
            "value": "2.73"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#554252",
            "trust": 0.8,
            "value": "27.00"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#540348",
            "trust": 0.8,
            "value": "27.00"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200609-173",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-20492",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#489836"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308204"
      },
      {
        "db": "CERT/CC",
        "id": "VU#200316"
      },
      {
        "db": "CERT/CC",
        "id": "VU#683700"
      },
      {
        "db": "CERT/CC",
        "id": "VU#554252"
      },
      {
        "db": "CERT/CC",
        "id": "VU#540348"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001145"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-173"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4384"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie. Apple QuickTime fails to properly handle SGI images. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Successful exploits may facilitate a remote compromise of affected computers. Apple QuickTime FLIC File Heap Overflow Vulnerability\n\niDefense Security Advisory 09.12.06\nhttp://www.idefense.com/intelligence/vulnerabilities/\nSep 12, 2006\n\nI. BACKGROUND\n\nQuicktime is Apple\u0027s media player product used to render video and other\nmedia.  For more information visit http://www.apple.com/quicktime/\n\nII. \n\nA FLIC file is an animation file consisting of a number of frames, each\nof which is made up of an image and may contain other information such\nas a palette or a label. \n\nThe vulnerability specifically exists in the handling of the COLOR_64\nchunk in FLIC format files. QuickTime does not validate that the data\nsize allocated to store the palette is large enough, allowing a\nmalformed file to cause controllable heap corruption. \n\nIII. In order to exploit this\nvulnerability, attackers must social engineer victims into visiting a\nwebsite under their control. \n\nThe QuickTime plugin can be forced to load in Firefox and Internet\nExplorer. Furthermore, testing shows that either browser can be used as\nan attack vector. It is also possible to open this type of file directly\nfrom within QuickTime or from a playlist that QuickTime has opened. \n\nThe data being used to overwrite the heap is in the form 0x00XXYYZZ,\nwhere XX, YY and ZZ are controllable. This limits the range of values\nthat can be overwritten, but does not prevent it. \n\nIV. DETECTION\n\niDefense Labs confirmed that version 7.1 of the QuickTime player is\nvulnerable. It is suspected that all previous versions are also\naffected. 
\n\nV. WORKAROUND\n\niDefense is currently unaware of any effective workarounds for this\nvulnerability. \n\nVI. VENDOR RESPONSE\n\n\"\nQuickTime 7.1.3 may be obtained from the Software Update pane in\nSystem Preferences, or from the Download tab in the QuickTime site\nhttp://www.apple.com/quicktime/\n\nFor Mac OS X v10.3.9 or later\nThe download file is named:  \"QuickTimeInstallerX.dmg\"\nIts SHA-1 digest is:  55cfeb0d92d8e0a0694267df58d2b53526d24d3d\n\nQuickTime 7.1.3 for Windows 2000/XP\nThe download file is named:  \"QuickTimeInstaller.exe\"\nIts SHA-1 digest is:  047a9f2d88c8a865b4ad5f24c9904b8727ba71e7\n\nQuickTime 7.1.3 with iTunes for Windows 2000/XP\nThe download file is named:  \"iTunesSetup.exe\"\nIts SHA-1 digest is:  5cdc86b2edb1411b9a022f05b1bfbe858fbcf901\n\nInformation will also be posted to the Apple Product Security\nweb site:  http://docs.info.apple.com/article.html?artnum=61798\n\"\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CAN-2006-4384 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n08/16/2006  Initial vendor notification\n08/16/2006  Initial vendor response\n09/12/2006  Coordinated public disclosure\n\nIX. CREDIT\n\nThis vulnerability was reported to iDefense by Rub\\xe9n Santamarta of\nreversemode.com. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.iDefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2006 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@iDefense.com for permission. 
\n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information. \nMcAfee, Inc. QuickTime is used by the Mac OS X operating system and\nby the QuickTime media player for Microsoft Windows. \n\nSeven code execution vulnerabilities are present in QuickTime support\nfor various multimedia formats including: MOV, H.264, FLC, FPX and SGI. \n\nExploitation could lead to execution of arbitrary code. User interaction\nis required for an attack to succeed. \n\nThe risk rating for these issues is medium. \n\n_________________________________________________\n\n*\tVulnerable Systems\n\nQuickTime 7.1.2 and below for Mac OS X\nQuickTime for Windows 7.1.2 and below\n\n_________________________________________________\n\n*\tVulnerability Information\n\nCVE-2006-4382\n\nTwo buffer overflow vulnerabilities are present in QuickTime MOV format\nsupport. \n\nCVE-2006-4385\n\nOne buffer overflow vulnerability is present in QuickTime SGI format\nsupport. \n\nCVE-2006-4386\n\nOne buffer overflow vulnerability is present in QuickTime MOV H.264\nformat support. \n\nCVE-2006-4389\n\nOne uninitialized memory access vulnerability is present in QuickTime\nFlashPix (FPX) format support. \n\n_________________________________________________\n\n\n*\tResolution\n\nApple has included fixes for the QuickTime issues in QuickTime version\n7.1.3 for Mac OS X and for Microsoft Windows.  
\n\nFurther information is available at:\nhttp://docs.info.apple.com/article.html?artnum=304357\n\n_________________________________________________\n\n*\tCredits\n\nThese vulnerabilities were discovered by Mike Price of McAfee Avert\nLabs. \nThe information contained within this advisory is provided for the\nconvenience of McAfee\u0027s customers, and may be redistributed provided\nthat no fee is charged for distribution and that the advisory is not\nmodified in any way. McAfee makes no representations or warranties\nregarding the accuracy of the information referenced in this document,\nor the suitability of that information for your purposes. \n\nMcAfee, Inc. and McAfee Avert Labs are registered Trademarks of McAfee,\nInc. and/or its affiliated companies in the United States and/or other\nCountries.  All other registered and unregistered trademarks in this\ndocument are the sole property of their respective owners. \n\n\nBest regards,\n\nDave Marcus, B.A., CCNA, MCSE\nSecurity Research and Communications Manager\nMcAfee(r) Avert(r) Labs\n. \n\n\nI. Since QuickTime configures most web browsers to\n   handle QuickTime media files, an attacker could exploit these\n   vulnerabilities using a web page. \n\n   Note that QuickTime ships with Apple iTunes. \n\n   For more information, please refer to the Vulnerability Notes. Solution\n\nUpgrade QuickTime\n\n   Upgrade to QuickTime 7.1.3. \n\nDisable QuickTime in your web browser\n\n   An attacker may be able to exploit this vulnerability by persuading\n   a user to access a specially crafted file with a web\n   browser.  For more information, refer to the\n   Securing Your Web Browser document. Please send\n   email to \u003ccert@cert.org\u003e with \"TA06-256A Feedback VU#540348\" in the\n   subject. \n ____________________________________________________________________\n\n  Produced 2006 by US-CERT, a government organization. 
\n\n   Terms of use:\n\n     \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n  \n\n   Revision History\n\n   September 13, 2006: Initial release\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200803-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: Normal\n     Title: Win32 binary codecs: Multiple vulnerabilities\n      Date: March 04, 2008\n      Bugs: #150288\n        ID: 200803-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in the Win32 codecs for Linux may result in\nthe remote execution of arbitrary code. \n\nBackground\n==========\n\nWin32 binary codecs provide support for video and audio playback. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Win32 binary codecs users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose\n\"\u003e=media-libs/win32codecs-20071007-r2\"\n\nNote: Since no updated binary versions have been released, the\nQuicktime libraries have been removed from the package. 
Please use the\nfree alternative Quicktime implementations within VLC, MPlayer or Xine\nfor playback. \n\nReferences\n==========\n\n  [ 1 ] CVE-2006-4382\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4382\n  [ 2 ] CVE-2006-4384\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4384\n  [ 3 ] CVE-2006-4385\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4385\n  [ 4 ] CVE-2006-4386\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4386\n  [ 5 ] CVE-2006-4388\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4388\n  [ 6 ] CVE-2006-4389\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4389\n  [ 7 ] CVE-2007-4674\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4674\n  [ 8 ] CVE-2007-6166\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6166\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200803-08.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-4384"
      },
      {
        "db": "CERT/CC",
        "id": "VU#489836"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308204"
      },
      {
        "db": "CERT/CC",
        "id": "VU#200316"
      },
      {
        "db": "CERT/CC",
        "id": "VU#683700"
      },
      {
        "db": "CERT/CC",
        "id": "VU#554252"
      },
      {
        "db": "CERT/CC",
        "id": "VU#540348"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001145"
      },
      {
        "db": "BID",
        "id": "19976"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20492"
      },
      {
        "db": "PACKETSTORM",
        "id": "49972"
      },
      {
        "db": "PACKETSTORM",
        "id": "50015"
      },
      {
        "db": "PACKETSTORM",
        "id": "50016"
      },
      {
        "db": "PACKETSTORM",
        "id": "64267"
      }
    ],
    "trust": 6.66
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-20492",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20492"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SECUNIA",
        "id": "21893",
        "trust": 5.7
      },
      {
        "db": "CERT/CC",
        "id": "VU#489836",
        "trust": 3.3
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4384",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "19976",
        "trust": 2.0
      },
      {
        "db": "OSVDB",
        "id": "28771",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1016830",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "29182",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "1554",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-3577",
        "trust": 1.7
      },
      {
        "db": "CERT/CC",
        "id": "VU#308204",
        "trust": 1.1
      },
      {
        "db": "CERT/CC",
        "id": "VU#200316",
        "trust": 1.1
      },
      {
        "db": "CERT/CC",
        "id": "VU#683700",
        "trust": 1.1
      },
      {
        "db": "CERT/CC",
        "id": "VU#554252",
        "trust": 1.1
      },
      {
        "db": "CERT/CC",
        "id": "VU#540348",
        "trust": 1.1
      },
      {
        "db": "USCERT",
        "id": "TA06-256A",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001145",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-173",
        "trust": 0.7
      },
      {
        "db": "BUGTRAQ",
        "id": "20060913 MULTIPLE VULNERABILITIES IN APPLE QUICKTIME",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20060915 [REVERSEMODE ADVISORY] APPLE QUICKTIME FLIC FILE HEAP OVERFLOW",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "28930",
        "trust": 0.6
      },
      {
        "db": "IDEFENSE",
        "id": "20060912 APPLE QUICKTIME FLIC FILE HEAP OVERFLOW VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2006-09-12",
        "trust": 0.6
      },
      {
        "db": "GENTOO",
        "id": "GLSA-200803-08",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "49972",
        "trust": 0.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "28521",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-82082",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-20492",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "50015",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "50016",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "64267",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#489836"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308204"
      },
      {
        "db": "CERT/CC",
        "id": "VU#200316"
      },
      {
        "db": "CERT/CC",
        "id": "VU#683700"
      },
      {
        "db": "CERT/CC",
        "id": "VU#554252"
      },
      {
        "db": "CERT/CC",
        "id": "VU#540348"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20492"
      },
      {
        "db": "BID",
        "id": "19976"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001145"
      },
      {
        "db": "PACKETSTORM",
        "id": "49972"
      },
      {
        "db": "PACKETSTORM",
        "id": "50015"
      },
      {
        "db": "PACKETSTORM",
        "id": "50016"
      },
      {
        "db": "PACKETSTORM",
        "id": "64267"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-173"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4384"
      }
    ]
  },
  "id": "VAR-200609-0311",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20492"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-07-23T22:12:46.615000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APPLE-SA-2006-09-12",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2006/sep/msg00000.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001145"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-4384"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 5.0,
        "url": "http://docs.info.apple.com/article.html?artnum=304357"
      },
      {
        "trust": 4.0,
        "url": "http://secunia.com/advisories/21893/"
      },
      {
        "trust": 3.2,
        "url": "http://www.apple.com/support/downloads/quicktime713.html"
      },
      {
        "trust": 3.2,
        "url": "http://www.apple.com/quicktime/download/standalone.html"
      },
      {
        "trust": 3.2,
        "url": "http://www.us-cert.gov/reading_room/securing_browser/"
      },
      {
        "trust": 2.5,
        "url": "http://www.kb.cert.org/vuls/id/489836"
      },
      {
        "trust": 1.8,
        "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2006/sep/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/19976"
      },
      {
        "trust": 1.7,
        "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=413"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/28771"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1016830"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/21893"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/29182"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/1554"
      },
      {
        "trust": 1.6,
        "url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=fileinfo\u0026id=25"
      },
      {
        "trust": 1.6,
        "url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=fileinfo\u0026id=24"
      },
      {
        "trust": 1.1,
        "url": "http://piotrbania.com/all/adv/quicktime-integer-overflow-h264-adv-7.1.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/445888/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/446134/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/3577"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28930"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4384"
      },
      {
        "trust": 0.8,
        "url": "http://www.us-cert.gov/cas/techalerts/ta06-256a.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.cert.org/tech_tips/before_you_plug_in.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.apple.com/quicktime/download/"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4384"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/28930"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/446134/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/445888/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/3577"
      },
      {
        "trust": 0.4,
        "url": "http://www.apple.com/quicktime/"
      },
      {
        "trust": 0.3,
        "url": "http://www.kb.cert.org/vuls/id/200316"
      },
      {
        "trust": 0.3,
        "url": "http://www.kb.cert.org/vuls/id/308204"
      },
      {
        "trust": 0.3,
        "url": "http://www.kb.cert.org/vuls/id/540348"
      },
      {
        "trust": 0.3,
        "url": "http://www.kb.cert.org/vuls/id/554252"
      },
      {
        "trust": 0.3,
        "url": "http://www.kb.cert.org/vuls/id/683700"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/445830"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/445831"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/445888"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4384"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4382"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4385"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4389"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4388"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4386"
      },
      {
        "trust": 0.1,
        "url": "http://www.reversemode.com/index.php?option=com_remository\u0026amp;itemid=2\u0026amp;func=fileinfo\u0026amp;id=24"
      },
      {
        "trust": 0.1,
        "url": "http://www.reversemode.com/index.php?option=com_remository\u0026amp;itemid=2\u0026amp;func=fileinfo\u0026amp;id=25"
      },
      {
        "trust": 0.1,
        "url": "http://www.idefense.com/intelligence/vulnerabilities/"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/"
      },
      {
        "trust": 0.1,
        "url": "http://docs.info.apple.com/article.html?artnum=61798"
      },
      {
        "trust": 0.1,
        "url": "http://www.idefense.com/methodology/vulnerability/vcp.php"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org),"
      },
      {
        "trust": 0.1,
        "url": "http://docs.info.apple.com/article.html?artnum=304357\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/support/downloads/quicktime713.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/quicktime/download/standalone.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=quicktime_713\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://docs.info.apple.com/article.html?artnum=106704\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta06-256a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4674"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4674"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6166"
      },
      {
        "trust": 0.1,
        "url": "http://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://enigmail.mozdev.org"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6166"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4386"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4385"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4389"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4388"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4382"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#489836"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308204"
      },
      {
        "db": "CERT/CC",
        "id": "VU#200316"
      },
      {
        "db": "CERT/CC",
        "id": "VU#683700"
      },
      {
        "db": "CERT/CC",
        "id": "VU#554252"
      },
      {
        "db": "CERT/CC",
        "id": "VU#540348"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20492"
      },
      {
        "db": "BID",
        "id": "19976"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001145"
      },
      {
        "db": "PACKETSTORM",
        "id": "49972"
      },
      {
        "db": "PACKETSTORM",
        "id": "50015"
      },
      {
        "db": "PACKETSTORM",
        "id": "50016"
      },
      {
        "db": "PACKETSTORM",
        "id": "64267"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-173"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4384"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#489836"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308204"
      },
      {
        "db": "CERT/CC",
        "id": "VU#200316"
      },
      {
        "db": "CERT/CC",
        "id": "VU#683700"
      },
      {
        "db": "CERT/CC",
        "id": "VU#554252"
      },
      {
        "db": "CERT/CC",
        "id": "VU#540348"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20492"
      },
      {
        "db": "BID",
        "id": "19976"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001145"
      },
      {
        "db": "PACKETSTORM",
        "id": "49972"
      },
      {
        "db": "PACKETSTORM",
        "id": "50015"
      },
      {
        "db": "PACKETSTORM",
        "id": "50016"
      },
      {
        "db": "PACKETSTORM",
        "id": "64267"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-173"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4384"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-09-14T00:00:00",
        "db": "CERT/CC",
        "id": "VU#489836"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#308204"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#200316"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#683700"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#554252"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#540348"
      },
      {
        "date": "2006-09-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-20492"
      },
      {
        "date": "2006-09-12T00:00:00",
        "db": "BID",
        "id": "19976"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-001145"
      },
      {
        "date": "2006-09-13T09:34:05",
        "db": "PACKETSTORM",
        "id": "49972"
      },
      {
        "date": "2006-09-14T07:22:52",
        "db": "PACKETSTORM",
        "id": "50015"
      },
      {
        "date": "2006-09-14T07:23:59",
        "db": "PACKETSTORM",
        "id": "50016"
      },
      {
        "date": "2008-03-04T22:49:07",
        "db": "PACKETSTORM",
        "id": "64267"
      },
      {
        "date": "2006-09-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200609-173"
      },
      {
        "date": "2006-09-12T23:07:00",
        "db": "NVD",
        "id": "CVE-2006-4384"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-09-14T00:00:00",
        "db": "CERT/CC",
        "id": "VU#489836"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#308204"
      },
      {
        "date": "2006-09-15T00:00:00",
        "db": "CERT/CC",
        "id": "VU#200316"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#683700"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#554252"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#540348"
      },
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-20492"
      },
      {
        "date": "2008-03-04T23:32:00",
        "db": "BID",
        "id": "19976"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-001145"
      },
      {
        "date": "2013-01-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200609-173"
      },
      {
        "date": "2018-10-17T21:36:50.867000",
        "db": "NVD",
        "id": "CVE-2006-4384"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "49972"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-173"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple QuickTime fails to properly handle FLC movies",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#489836"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-173"
      }
    ],
    "trust": 0.6
  }
}

