CVE-2008-0033

{"id": "CVE-2008-0033", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2008-01-16T03:00:00.000", "references": [{"url": "http://docs.info.apple.com/article.html?artnum=307301", "source": "cve@mitre.org"}, {"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-01", "source": "cve@mitre.org"}, {"url": "http://lists.apple.com/archives/security-announce/2008/Jan/msg00001.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28502", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/486413/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/27299", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1019221", "source": "cve@mitre.org"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA08-016A.html", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0148", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39697", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with Image Descriptor (IDSC) atoms containing an invalid atom size, which triggers memory corruption."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en Apple QuickTime versiones anteriores a 7.4, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (finalizaci\u00f3n de aplicaci\u00f3n) y ejecutar c\u00f3digo arbitrario por medio de un archivo de pel\u00edcula con \u00e1tomos de Image Descriptor (IDSC) que contiene un tama\u00f1o de \u00e1tomo no v\u00e1lido, lo que desencadena una corrupci\u00f3n de la memoria."}], "lastModified": "2018-10-15T21:57:07.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A93D8F3E-D7CF-4C11-BE95-BD5BBEB3F7B3", "versionEndIncluding": "7.3.1.70"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}