CVE-2013-1019Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Iphone OS

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
3.6%
top 12.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple Iphone OSApple Quicktime
Timeline
PublishedMay 24
Latest updateMay 17

Description

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDapple/quicktime7.7.3+51
NVDapple/iphone_os6.1.4+47

🔴Vulnerability Details

2
GHSA
GHSA-4xp3-7w3w-f89v: Buffer overflow in Apple QuickTime before 72022-05-17
CVEList
CVE-2013-1019: Buffer overflow in Apple QuickTime before 72013-05-24
CVE-2013-1019 — Apple Iphone OS vulnerability | cvebase