PT-2005-1930 · Apple · Quicktime Pictureviewer

Liquid

Published

2005-03-29

Updated

2016-10-18

CVE-2005-0903

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions QuickTime PictureViewer version 6.5.1

Description The issue is related to a buffer overflow that can be triggered by a specially crafted JPEG file, specifically through the Huffman Table (marker DHT) data. This can cause a denial of service, resulting in the application crashing.

Recommendations For QuickTime PictureViewer version 6.5.1, consider avoiding the use of JPEG files with crafted Huffman Table data until a patch is available. As a temporary workaround, restrict the opening of JPEG files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0903

Affected Products

Quicktime Pictureviewer

PT-2005-1930 · Apple · Quicktime Pictureviewer

CVE-2005-0903

Related Identifiers

Affected Products

References · 4