Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2010

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-2010
Last Modified 10 Mar 2010 12:00:00
Published 29 Apr 2008 08:10:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2010

Summary

Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote attackers to execute arbitrary code via a crafted QuickTime media file. NOTE: as of 20080429, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Vulnerable Systems

Application

  • Apple Quicktime


References

XF - quicktime-unspecifiedremote-code-execution(42098)

SECTRACK - 1019950

BID - 28959

MISC - http://www.gnucitizen.org/blog/quicktime-0day-for-vista-and-xp/


Last Updated: 27 May 2016 10:47:44