CVE-2006-4386 — Apple Quicktime vulnerability

4 documents4 sources

Severity

5.1MEDIUMNVD

EPSS

29.6%

top 3.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Quicktime

Timeline

PublishedSep 12

Latest updateMay 1

Description

Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages1 packages

▶NVDapple/quicktime7.1.2+14

Patches

Patch: lists.apple.com ↗Patch: www.securityfocus.com ↗Patch: lists.apple.com ↗

🔴Vulnerability Details

GHSA

GHSA-53xm-m68r-6v2h: Integer overflow in Apple QuickTime before 7↗2022-05-01

▶

CVEList

CVE-2006-4386: Integer overflow in Apple QuickTime before 7↗2006-09-12

▶

💥Exploits & PoCs

Exploit-DB

xweblog 2.1 - 'kategori.asp' SQL Injection↗2006-09-22

▶