CVE-2012-0667 — Apple Quicktime vulnerability

CWE-1893 documents3 sources

Severity

9.3CRITICALNVD

EPSS

3.5%

top 12.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Quicktime

Timeline

PublishedMay 16

Latest updateMay 17

Description

Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/quicktime7.7.1+63

🔴Vulnerability Details

GHSA

GHSA-39qw-pvp7-hp57: Integer signedness error in Apple QuickTime before 7↗2022-05-17

▶

CVEList

CVE-2012-0667: Integer signedness error in Apple QuickTime before 7↗2012-05-16

▶