Executive Summary

Informations
Name CVE-2006-4384 First vendor Publication 2006-09-12
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Cvss Base Score 5.1 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4384

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 136

OpenVAS Exploits

Date Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200803-08 (win32codecs)
File : nvt/glsa_200803_08.nasl
2008-09-04 Name : FreeBSD Ports: win32-codecs
File : nvt/freebsd_win32-codecs.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
28771 Apple QuickTime FLC Movie COLOR_64 Chunk Overflow

A local overflow exists in Quicktime. The program fails to validate FLC files resulting in a heap buffer overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date Description
2014-01-10 Apple QuickTime FLIC animation file buffer overflow attempt
RuleID : 16041 - Revision : 13 - Type : FILE-MULTIMEDIA

Nessus® Vulnerability Scanner

Date Description
2008-03-07 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200803-08.nasl - Type : ACT_GATHER_INFO
2006-10-20 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_24f6b1eb43d511db81e1000e0c2e438a.nasl - Type : ACT_GATHER_INFO
2006-09-13 Name : The remote version of QuickTime is affected by multiple overflow vulnerabilit...
File : macosx_Quicktime713.nasl - Type : ACT_GATHER_INFO
2006-09-13 Name : The remote version of QuickTime is affected by multiple overflow vulnerabilit...
File : quicktime_713.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://docs.info.apple.com/article.html?artnum=304357
http://lists.apple.com/archives/Security-announce/2006/Sep/msg00000.html
http://secunia.com/advisories/21893
http://secunia.com/advisories/29182
http://security.gentoo.org/glsa/glsa-200803-08.xml
http://securityreason.com/securityalert/1554
http://securitytracker.com/id?1016830
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=413
http://www.kb.cert.org/vuls/id/489836
http://www.osvdb.org/28771
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&f...
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&f...
http://www.securityfocus.com/archive/1/445888/100/0/threaded
http://www.securityfocus.com/archive/1/446134/100/0/threaded
http://www.securityfocus.com/bid/19976
http://www.vupen.com/english/advisories/2006/3577
https://exchange.xforce.ibmcloud.com/vulnerabilities/28930
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Date Informations
2024-11-28 23:19:33
  • Multiple Updates
2024-11-28 12:09:50
  • Multiple Updates
2021-05-04 12:04:29
  • Multiple Updates
2021-04-22 01:05:08
  • Multiple Updates
2020-05-24 01:02:41
  • Multiple Updates
2020-05-23 00:18:17
  • Multiple Updates
2018-10-18 00:19:40
  • Multiple Updates
2017-11-23 12:02:11
  • Multiple Updates
2017-11-22 12:02:04
  • Multiple Updates
2017-07-20 09:23:51
  • Multiple Updates
2016-10-15 12:01:08
  • Multiple Updates
2016-06-28 15:55:49
  • Multiple Updates
2016-04-26 15:00:24
  • Multiple Updates
2014-02-17 10:37:01
  • Multiple Updates
2014-01-19 21:23:30
  • Multiple Updates
2013-05-11 11:07:37
  • Multiple Updates