Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string.
Threat-Mapped Scoring
Score: 1.8
Priority: P4 - Informational (Low)
S9 – Sabotage of System/App
EPSS
Score: 0.01442Percentile:
0.79845
CVSS Scoring
CVSS v2 Score: 5.1
Severity:
Affected Products
cpe:2.3:a:apple:quicktime:*:*:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:6.5.2:*:mac_os_x_10.2:*:*:*:*:*
cpe:2.3:a:apple:quicktime:6.5.2:*:mac_os_x_10.3:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0:*:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.1:*:mac_os_x_10.3:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.1:*:mac_os_x_10.4:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.1:*:windows:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me