CVE-2008-3614Apple Quicktime vulnerability

CWE-1894 documents4 sources
Severity
6.8MEDIUMNVD
EPSS
32.9%
top 3.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Quicktime
Timeline
PublishedSep 11
Latest updateMay 2

Description

Integer overflow in Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, which triggers heap corruption.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

NVDapple/quicktime7.5+19

🔴Vulnerability Details

2
GHSA
GHSA-pw6x-r6v2-63cw: Integer overflow in Apple QuickTime before 72022-05-02
CVEList
CVE-2008-3614: Integer overflow in Apple QuickTime before 72008-09-10

💥Exploits & PoCs

1
Exploit-DB
Unreal Tournament 3 1.3 - Directory Traversal2008-09-21
CVE-2008-3614 — Apple Quicktime vulnerability | cvebase