CVE-2004-0988 — Apple Quicktime vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.7%

top 28.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Quicktime

Timeline

PublishedMar 1

Latest updateApr 29

Description

Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/quicktime5 versions+4

🔴Vulnerability Details

GHSA

GHSA-mfpq-g8hx-vfh4: Integer overflow on Apple QuickTime before 6↗2022-04-29

▶

CVEList

CVE-2004-0988: Integer overflow on Apple QuickTime before 6↗2004-10-28

▶

💬Community

Bugzilla

CAN-2003-0988 kdepim VCF parsing vulnerability↗2004-01-07

▶