4.3
CVE-2008-1014
- EPSS 2.34%
- Veröffentlicht 04.04.2008 17:44:00
- Zuletzt bearbeitet 16.06.2026 22:50:48
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.34% | 0.814 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://secunia.com/advisories/29650
http://support.apple.com/kb/HT1241
http://www.securityfocus.com/bid/28583
http://www.us-cert.gov/cas/techalerts/TA08-094A.html
http://www.vupen.com/english/advisories/2008/1078
http://securitytracker.com/id?1019758
https://exchange.xforce.ibmcloud.com/vulnerabilities/41602