var-200609-0313
Vulnerability from variot
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381. Apple QuickTime fails to properly handle SGI images. Apple has released QuickTime 7.1.3 as a countermeasure. A remote third party may be able to execute arbitrary code or commands, or cause a denial of service (DoS). Successful exploits may facilitate a remote compromise of affected computers.
CVE: CVE-2006-4386
Original URL: http://piotrbania.com/all/adv/quicktime-integer-overflow-h264-adv-7.1.txt
Software affected: Tested on QuickTime 7.1 (Windows version), with all newest add-ons.
0. DISCLAIMER
Author takes no responsibility for any actions with provided information or codes. The copyright for any material created by the author is reserved. Any duplication of codes or texts provided here in electronic or printed publications is not permitted without the author's agreement.
I.
II.
The overflow occurs in the H.264 codec.
Vulnerable code:
    6825a28f 668b4806    mov cx,[eax+0x6]    ; cx = controlled by attacker
    6825a293 660fb6d5    movzx dx,ch         ; dx = 0x00XX (XX - controlled by attacker)
    6825a297 8af1        mov dh,cl           ; dx = 0xXXXX (-//-)
    6825a299 8bca        mov ecx,edx         ; ecx = edx
    6825a29b 6681f90001  cmp cx,0x100        ; compare cx with 0x100
    6825a2a0 7f3d        jg QuickTimeH264!JVTCompComponentDispatch+0x917c (6825a2df) ; (*1*)
    6825a2a2 0fbfd1      movsx edx,cx        ; (*2*)
    6825a2a5 8bca        mov ecx,edx
    6825a2a7 8bd9        mov ebx,ecx
    6825a2a9 c1e902      shr ecx,0x2
    6825a2ac 8d7008      lea esi,[eax+0x8]
    6825a2af 8d7c2418    lea edi,[esp+0x18]
    6825a2b3 f3a5        rep movsd ds:00fb8000=????????
*1 - JG jumps, takes care of the sign so in this case we have a security check for upper bounds, but when cx is a negative number this check is bypassed. No lower bounds checks were applied - bad.
*2 - Due to the bypass of the point *1 EDX is now CX extended by sign (in this case it's negative), EDX now looks like 0xFFFFXXXX, the integer is overflowed and rep movsd causes a memory corruption (obvious fact is that ECX is related to EDX).
Debugger output:
    eax=00fb2028 ebx=ffffc9c9 ecx=3fffda7e edx=ffffc9c9 esi=00fb8000 edi=00141688
    eip=6825a2b3 esp=0013b6a0 ebp=0013b8c4 iopl=0 nv up ei pl nz ac po nc
    cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010216
    *** ERROR: Symbol file could not be found. Defaulted to export symbols for E:\Quicktime\QTSystem\QuickTimeH264.qtx -
    QuickTimeH264!JVTCompComponentDispatch+0x9150:
    6825a2b3 f3a5 rep movsd ds:00fb8000=???????? es:00141688=00000000
The vulnerability may lead to remote code execution when a specially crafted video file (MOV file) is being loaded.
III. POC CODE
Due to the severity of this bug I will not release any proof of concept codes for this issue.
IV. VENDOR RESPONSE
Check: http://docs.info.apple.com/article.html?artnum=61798
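The signed-comparison flaw annotated at *1 and *2 in the advisory above, modelled in C beside a hardened form. This is an added example, not code from the advisory or from QuickTime; the flawed path only computes the count that would reach the copy and copies nothing. The function names, the record layout beyond the offsets visible in the disassembly (length at +6, data at +8) and the 0x100-byte destination size are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DST_MAX 0x100 /* bound used by "cmp cx,0x100"; buffer size is assumed */

/* mov cx,[eax+6] / movzx dx,ch / mov dh,cl: 16-bit length, byte-swapped. */
static uint16_t read_len(const uint8_t *rec)
{
    return (uint16_t)((rec[6] << 8) | rec[7]);
}

/*
 * Model of the flawed logic. Returns 1 if the check lets the record through
 * and reports the values the copy would be given; performs no copy.
 */
int flawed_check(const uint8_t *rec, uint32_t *byte_len, uint32_t *dwords)
{
    int16_t len = (int16_t)read_len(rec); /* length handled as signed */

    if (len > DST_MAX)                    /* jg: signed, upper bound only */
        return 0;
    *byte_len = (uint32_t)(int32_t)len;   /* movsx edx,cx */
    *dwords = *byte_len >> 2;             /* shr ecx,2 -> rep movsd count */
    return 1;
}

/*
 * Hardened form: the length stays unsigned and is checked against both the
 * destination size and the bytes actually present after the 8-byte header.
 * Returns the number of bytes copied, or -1 if the record is rejected.
 */
int checked_copy(uint8_t *dst, size_t dst_size,
                 const uint8_t *rec, size_t rec_size)
{
    size_t len;

    if (rec_size < 8)
        return -1;
    len = read_len(rec);                  /* 0..65535, never negative */
    if (len > dst_size || len > rec_size - 8)
        return -1;
    memcpy(dst, rec + 8, len);
    return (int)len;
}

int main(void)
{
    /* Constructed sample: length bytes chosen to match edx=ffffc9c9 above. */
    uint8_t rec[16] = {0};
    uint8_t dst[DST_MAX];
    uint32_t byte_len = 0, dwords = 0;

    rec[6] = 0xc9;
    rec[7] = 0xc9;
    if (flawed_check(rec, &byte_len, &dwords))
        printf("flawed: accepted, len=0x%08x dwords=0x%08x\n",
               (unsigned)byte_len, (unsigned)dwords);
    printf("checked: %d\n", checked_copy(dst, sizeof dst, rec, sizeof rec));
    return 0;
}
```

The initial count of 0x3ffff272 dwords is larger than the ecx=3fffda7e in the debugger output because rep movsd decrements ECX as it copies; the fault is raised once ESI reaches the unreadable address 00fb8000.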
McAfee, Inc.
QuickTime is used by the Mac OS X operating system and by the QuickTime media player for Microsoft Windows.
Seven code execution vulnerabilities are present in QuickTime support for various multimedia formats including: MOV, H.264, FLC, FPX and SGI.
Exploitation could lead to execution of arbitrary code. User interaction is required for an attack to succeed.
The risk rating for these issues is medium.
- Vulnerable Systems
QuickTime 7.1.2 and below for Mac OS X
QuickTime for Windows 7.1.2 and below
- Vulnerability Information
CVE-2006-4382
Two buffer overflow vulnerabilities are present in QuickTime MOV format support.
CVE-2006-4384
One heap overflow vulnerability is present in QuickTime FLC format support.
CVE-2006-4385
One buffer overflow vulnerability is present in QuickTime SGI format support.
CVE-2006-4386
One buffer overflow vulnerability is present in QuickTime MOV H.264 format support.
CVE-2006-4388
One buffer overflow vulnerability is present in QuickTime FlashPix (FPX) format support.
CVE-2006-4389
One uninitialized memory access vulnerability is present in QuickTime FlashPix (FPX) format support.
- Resolution
Apple has included fixes for the QuickTime issues in QuickTime version 7.1.3 for Mac OS X and for Microsoft Windows.
Further information is available at: http://docs.info.apple.com/article.html?artnum=304357
- Credits
These vulnerabilities were discovered by Mike Price of McAfee Avert Labs.
- Legal Notice
Copyright (C) 2006 McAfee, Inc. The information contained within this advisory is provided for the convenience of McAfee's customers, and may be redistributed provided that no fee is charged for distribution and that the advisory is not modified in any way. McAfee makes no representations or warranties regarding the accuracy of the information referenced in this document, or the suitability of that information for your purposes.
McAfee, Inc. and McAfee Avert Labs are registered Trademarks of McAfee, Inc. and/or its affiliated companies in the United States and/or other Countries. All other registered and unregistered trademarks in this document are the sole property of their respective owners.
Best regards,
Dave Marcus, B.A., CCNA, MCSE
Security Research and Communications Manager
McAfee(r) Avert(r) Labs
Gentoo Linux Security Advisory GLSA 200803-08
http://security.gentoo.org/
Severity: Normal
Title: Win32 binary codecs: Multiple vulnerabilities
Date: March 04, 2008
Bugs: #150288
ID: 200803-08
Synopsis
Multiple vulnerabilities in the Win32 codecs for Linux may result in the remote execution of arbitrary code.
Background
Win32 binary codecs provide support for video and audio playback.
Workaround
There is no known workaround at this time.
Resolution
All Win32 binary codecs users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-libs/win32codecs-20071007-r2"
Note: Since no updated binary versions have been released, the Quicktime libraries have been removed from the package. Please use the free alternative Quicktime implementations within VLC, MPlayer or Xine for playback.
References
[ 1 ] CVE-2006-4382 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4382
[ 2 ] CVE-2006-4384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4384
[ 3 ] CVE-2006-4385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4385
[ 4 ] CVE-2006-4386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4386
[ 5 ] CVE-2006-4388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4388
[ 6 ] CVE-2006-4389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4389
[ 7 ] CVE-2007-4674 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4674
[ 8 ] CVE-2007-6166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6166
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-08.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
"https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-09-13T00:00:00", "db": "CERT/CC", "id": "VU#308204" }, { "date": "2006-09-13T00:00:00", "db": "CERT/CC", "id": "VU#200316" }, { "date": "2006-09-13T00:00:00", "db": "CERT/CC", "id": "VU#683700" }, { "date": "2006-09-13T00:00:00", "db": "CERT/CC", "id": "VU#554252" }, { "date": "2006-09-13T00:00:00", "db": "CERT/CC", "id": "VU#540348" }, { "date": "2006-09-12T00:00:00", "db": "VULHUB", "id": "VHN-20494" }, { "date": "2006-09-12T00:00:00", "db": "BID", "id": "19976" }, { "date": "2009-04-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2006-000934" }, { "date": "2006-09-13T09:29:12", "db": "PACKETSTORM", "id": "49968" }, { "date": "2006-09-14T07:22:52", "db": "PACKETSTORM", "id": "50015" }, { "date": "2008-03-04T22:49:07", "db": "PACKETSTORM", "id": "64267" }, { "date": "2006-09-12T00:00:00", "db": "CNNVD", "id": "CNNVD-200609-166" }, { "date": "2006-09-12T23:07:00", "db": "NVD", "id": "CVE-2006-4386" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-09-13T00:00:00", "db": "CERT/CC", "id": "VU#308204" }, { "date": "2006-09-15T00:00:00", "db": "CERT/CC", "id": "VU#200316" }, { "date": "2006-09-13T00:00:00", "db": "CERT/CC", "id": "VU#683700" }, { "date": "2006-09-13T00:00:00", "db": "CERT/CC", "id": "VU#554252" }, { "date": "2006-09-13T00:00:00", "db": "CERT/CC", "id": "VU#540348" }, { "date": "2018-10-17T00:00:00", "db": "VULHUB", "id": "VHN-20494" }, { "date": "2008-03-04T23:32:00", "db": "BID", "id": "19976" }, { "date": "2009-04-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2006-000934" }, { "date": "2006-09-14T00:00:00", "db": "CNNVD", "id": "CNNVD-200609-166" }, { "date": "2018-10-17T21:36:53.167000", "db": "NVD", "id": "CVE-2006-4386" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": 
{ "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "49968" }, { "db": "CNNVD", "id": "CNNVD-200609-166" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apple QuickTime fails to properly handle SGI images", "sources": [ { "db": "CERT/CC", "id": "VU#308204" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-200609-166" } ], "trust": 0.6 } }