Think you have a false positive on this rule?

Sid 1-47033

Message

FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt

Summary

Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

Impact

CVSS base score 6.8 CVSS impact score 6.4 CVSS exploitability score 8.6 confidentialityImpact PARTIAL integrityImpact PARTIAL availabilityImpact PARTIAL

CVE-2012-0659:

CVSS base score 6.8

CVSS impact score 6.4

CVSS exploitability score 8.6

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Detailed information

CVE-2012-0659: Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

Affected systems

  • apple macosx 10.0
  • apple macosx 10.0.0
  • apple macosx 10.0.1
  • apple macosx 10.0.2
  • apple macosx 10.0.3
  • apple macosx 10.0.4
  • apple macosx 10.1
  • apple macosx 10.1.0
  • apple macosx 10.1.1
  • apple macosx 10.1.2
  • apple macosx 10.1.3
  • apple macosx 10.1.4
  • apple macosx 10.1.5
  • apple macosx 10.2
  • apple macosx 10.2.0
  • apple macosx 10.2.1
  • apple macosx 10.2.2
  • apple macosx 10.2.3
  • apple macosx 10.2.4
  • apple macosx 10.2.5
  • apple macosx 10.2.6
  • apple macosx 10.2.7
  • apple macosx 10.2.8
  • apple macosx 10.3
  • apple macosx 10.3.0
  • apple macosx 10.3.1
  • apple macosx 10.3.2
  • apple macosx 10.3.3
  • apple macosx 10.3.4
  • apple macosx 10.3.5
  • apple macosx 10.3.6
  • apple macosx 10.3.7
  • apple macosx 10.3.8
  • apple macosx 10.3.9
  • apple macosx 10.4
  • apple macosx 10.4.0
  • apple macosx 10.4.1
  • apple macosx 10.4.2
  • apple macosx 10.4.3
  • apple macosx 10.4.4
  • apple macosx 10.4.5
  • apple macosx 10.4.6
  • apple macosx 10.4.7
  • apple macosx 10.4.8
  • apple macosx 10.4.9
  • apple macosx 10.4.10
  • apple macosx 10.4.11
  • apple macosx 10.5
  • apple macosx 10.5.0
  • apple macosx 10.5.1
  • apple macosx 10.5.2
  • apple macosx 10.5.3
  • apple macosx 10.5.4
  • apple macosx 10.5.5
  • apple macosx 10.5.6
  • apple macosx 10.5.7
  • apple macosx 10.5.8
  • apple macosx 10.6.0
  • apple macosx 10.6.1
  • apple macosx 10.6.2
  • apple macosx 10.6.3
  • apple macosx 10.6.4
  • apple macosx 10.6.5
  • apple macosx 10.6.6
  • apple macosx 10.6.7
  • apple macosx 10.6.8
  • apple macosx 10.7.0
  • apple macosx 10.7.1
  • apple macosx 10.7.2
  • apple macosx 10.7.3
  • apple macosx_server 10.0
  • apple macosx_server 10.0.0
  • apple macosx_server 10.0.1
  • apple macosx_server 10.0.2
  • apple macosx_server 10.0.3
  • apple macosx_server 10.0.4
  • apple macosx_server 10.1
  • apple macosx_server 10.1.0
  • apple macosx_server 10.1.1
  • apple macosx_server 10.1.2
  • apple macosx_server 10.1.3
  • apple macosx_server 10.1.4
  • apple macosx_server 10.1.5
  • apple macosx_server 10.2
  • apple macosx_server 10.2.0
  • apple macosx_server 10.2.1
  • apple macosx_server 10.2.2
  • apple macosx_server 10.2.3
  • apple macosx_server 10.2.4
  • apple macosx_server 10.2.5
  • apple macosx_server 10.2.6
  • apple macosx_server 10.2.7
  • apple macosx_server 10.2.8
  • apple macosx_server 10.3
  • apple macosx_server 10.3.0
  • apple macosx_server 10.3.1
  • apple macosx_server 10.3.2
  • apple macosx_server 10.3.3
  • apple macosx_server 10.3.4
  • apple macosx_server 10.3.5
  • apple macosx_server 10.3.6
  • apple macosx_server 10.3.7
  • apple macosx_server 10.3.8
  • apple macosx_server 10.3.9
  • apple macosx_server 10.4
  • apple macosx_server 10.4.0
  • apple macosx_server 10.4.1
  • apple macosx_server 10.4.2
  • apple macosx_server 10.4.3
  • apple macosx_server 10.4.4
  • apple macosx_server 10.4.5
  • apple macosx_server 10.4.6
  • apple macosx_server 10.4.7
  • apple macosx_server 10.4.8
  • apple macosx_server 10.4.9
  • apple macosx_server 10.4.10
  • apple macosx_server 10.4.11
  • apple macosx_server 10.5
  • apple macosx_server 10.5.0
  • apple macosx_server 10.5.1
  • apple macosx_server 10.5.2
  • apple macosx_server 10.5.3
  • apple macosx_server 10.5.4
  • apple macosx_server 10.5.5
  • apple macosx_server 10.5.6
  • apple macosx_server 10.5.7
  • apple macosx_server 10.5.8
  • apple macosx_server 10.6.0
  • apple macosx_server 10.6.1
  • apple macosx_server 10.6.2
  • apple macosx_server 10.6.3
  • apple macosx_server 10.6.4
  • apple macosx_server 10.6.5
  • apple macosx_server 10.6.6
  • apple macosx_server 10.6.7
  • apple macosx_server 10.6.8
  • apple macosx_server 10.7.0
  • apple macosx_server 10.7.1
  • apple macosx_server 10.7.2
  • apple macosx_server 10.7.3

Ease of attack

CVE-2012-0659:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References

  • osvdb.org/show/osvdb/81931
  • support.apple.com/kb/HT5261