CVE-2013-1019 — HIGH (9.3) — White Hats Nepal

Q: What is CVE-2013-1019?

CVE-2013-1019 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

Q: How severe is CVE-2013-1019?

CVE-2013-1019 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2013-1019?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Quicktime, Microsoft Windows 7, Microsoft Windows Vista, Microsoft Windows Xp, Apple Iphone Os.

Vulnerability Description

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Apple	Quicktime	<= 7.7.3
Microsoft	Windows 7	All versions
Microsoft	Windows Vista	All versions
Microsoft	Windows Xp	All versions
Apple	Iphone Os	<= 6.1.4

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2013-1019?

CVE-2013-1019 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

How severe is CVE-2013-1019?

CVE-2013-1019 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-1019?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Quicktime, Microsoft Windows 7, Microsoft Windows Vista, Microsoft Windows Xp, Apple Iphone Os.