PT-2006-2463 · Apple · Apple Quicktime+1
Published
2006-05-12
·
Updated
2017-07-20
·
CVE-2006-1455
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Apple Mac OS X versions 10.3.9 through 10.4.6
Description
The issue allows remote attackers to cause a denial of service, resulting in a crash and connection interruption. This is achieved by using a QuickTime movie with a missing track, which triggers a null dereference.
Recommendations
For Apple Mac OS X versions 10.3.9 through 10.4.6, consider restricting access to QuickTime movies until a fix is available. As a temporary workaround, avoid using QuickTime movies with missing tracks to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Macos X
Apple Quicktime