cpe:/a:apple:quicktime:3.0 cpe:/a:apple:quicktime:4.1.2 cpe:/a:apple:quicktime:5.0 cpe:/a:apple:quicktime:5.0.1 cpe:/a:apple:quicktime:5.0.2 cpe:/a:apple:quicktime:6.0 cpe:/a:apple:quicktime:6.0.0 cpe:/a:apple:quicktime:6.0.1 cpe:/a:apple:quicktime:6.0.2 cpe:/a:apple:quicktime:6.1 cpe:/a:apple:quicktime:6.1.0 cpe:/a:apple:quicktime:6.1.1 cpe:/a:apple:quicktime:6.2.0 cpe:/a:apple:quicktime:6.3.0 cpe:/a:apple:quicktime:6.4.0 cpe:/a:apple:quicktime:6.5 cpe:/a:apple:quicktime:6.5.0 cpe:/a:apple:quicktime:6.5.1 cpe:/a:apple:quicktime:6.5.2 cpe:/a:apple:quicktime:7.0 cpe:/a:apple:quicktime:7.0.0 cpe:/a:apple:quicktime:7.0.1 cpe:/a:apple:quicktime:7.0.2 cpe:/a:apple:quicktime:7.0.3 cpe:/a:apple:quicktime:7.0.4 cpe:/a:apple:quicktime:7.1 cpe:/a:apple:quicktime:7.1.0 cpe:/a:apple:quicktime:7.1.1 cpe:/a:apple:quicktime:7.1.2 cpe:/a:apple:quicktime:7.1.3 cpe:/a:apple:quicktime:7.1.4 cpe:/a:apple:quicktime:7.1.5 cpe:/a:apple:quicktime:7.1.6 cpe:/a:apple:quicktime:7.2 cpe:/a:apple:quicktime:7.2.1 cpe:/a:apple:quicktime:7.3 cpe:/a:apple:quicktime:7.3.0 cpe:/a:apple:quicktime:7.3.1 cpe:/a:apple:quicktime:7.3.1.70 cpe:/a:apple:quicktime:7.4 cpe:/a:apple:quicktime:7.4.0 cpe:/a:apple:quicktime:7.4.1 cpe:/a:apple:quicktime:7.4.5 cpe:/a:apple:quicktime:7.5.0 cpe:/a:apple:quicktime:7.5.5 CVE-2009-0006 2009-01-21T15:30:00.343-05:00 2017-09-28T21:33:34.543-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-01-22T10:02:00.000-05:00 BUGTRAQ 20090121 ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability BUGTRAQ 20090124 Re: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability BID 33388 SECUNIA 33632 OSVDB 51529 VUPEN ADV-2009-0212 APPLE APPLE-SA-2009-01-21 CERT TA09-022A CONFIRM http://support.apple.com/kb/HT3403 MISC http://www.zerodayinitiative.com/advisories/ZDI-09-007/ Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow.