7.5

CVE-2005-1248

Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiTunes Version4.2.72
AppleiTunes Version4.5
AppleiTunes Version4.6
AppleiTunes Version4.7
AppleiTunes Version4.7.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.4% 0.916
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://docs.info.apple.com/article.html?artnum=301596
http://lists.apple.com/archives/security-announce/2005/May/msg00003.html
Patch
Vendor Advisory
http://secunia.com/advisories/15310
Patch
Vendor Advisory
http://securitytracker.com/id?1013927
Patch
Vendor Advisory
http://www.ngssoftware.com/advisories/itunes.txt
http://www.osvdb.org/16243
Vendor Advisory
http://www.securityfocus.com/bid/13565
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2005/0504
https://exchange.xforce.ibmcloud.com/vulnerabilities/20498
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17304