Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-1818Access of Uninitialized Pointer in Apple Quicktime

CWE-824Access of Uninitialized Pointer5 documents4 sources
Severity
9.3CRITICALNVD
EPSS
77.1%
top 1.03%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apple Quicktime
Timeline
PublishedAug 31
Latest updateMay 17

Description

The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDapple/quicktime47 versions+46

🔴Vulnerability Details

2
GHSA
GHSA-h498-whqr-q683: The IPersistPropertyBag2::Read function in QTPlugin2022-05-17
CVEList
CVE-2010-1818: The IPersistPropertyBag2::Read function in QTPlugin2010-08-31

💥Exploits & PoCs

2
Exploit-DB
Apple QuickTime 7.6.7 - _Marshaled_pUnk Code Execution (Metasploit)2011-01-08
Exploit-DB
Apple QuickTime - '_Marshaled_pUnk' Backdoor Client-Side Arbitrary Code Execution2010-08-30
CVE-2010-1818 — Access of Uninitialized Pointer | cvebase