Vulnerability in N/a
CVE-2009-0010
Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple QuickTime before 7.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image…
EPSS: 0.528 (98.0th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- www.zerodayinitiative.com/advisories/ZDI-09-021/ (x_refsource_MISC)
- 35091 (x_refsource_SECUNIA, third-party-advisory)
- support.apple.com/kb/HT3549 (x_refsource_CONFIRM)
- support.apple.com/kb/HT3591 (x_refsource_CONFIRM)
- 35074 (x_refsource_SECUNIA, third-party-advisory)
- ADV-2009-1407 (vdb-entry, x_refsource_VUPEN)
- 1022209 (vdb-entry, x_refsource_SECTRACK)
- APPLE-SA-2009-05-12 (vendor-advisory, x_refsource_APPLE)
- 20090527 ZDI-09-021: Apple QuickTime PICT Unspecified Tag Heap Overflow Vulnerability (mailing-list, x_refsource_BUGTRAQ)
- www.vupen.com/exploits/Apple_QuickTime_PICT_Poly_Tag_Parsing_Heap_Overflow_PoC_… (x_refsource_MISC)