What is the severity of CVE-2008-3635?

CVE-2008-3635 is classified as a critical vulnerability due to its potential to allow remote code execution.

How do I fix CVE-2008-3635?

To mitigate CVE-2008-3635, update your Apple QuickTime to version 7.5.5 or later.

What software is affected by CVE-2008-3635?

CVE-2008-3635 affects Apple QuickTime versions prior to 7.5.5, particularly when using the Indeo v3.2 codec.

Can CVE-2008-3635 cause a denial of service?

Yes, CVE-2008-3635 can lead to a denial of service, causing the application to crash.

What codec is related to CVE-2008-3635?

The vulnerability CVE-2008-3635 is associated with the Indeo v3.2 codec used in QuickTime.

Vulnerability/
CVE-2008-3635

critical

9.3

CWE

119

10/9/2008

7/8/2024

CVE-2008-3635: Buffer Overflow

First published: Wed Sep 10 2008(Updated: )

Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Apple QuickTime	<=7.5
Apple QuickTime	=7.0
Apple QuickTime	=7.0.1
Apple QuickTime	=7.0.2
Apple QuickTime	=7.0.3
Apple QuickTime	=7.0.4
Apple QuickTime	=7.1
Apple QuickTime	=7.1.1
Apple QuickTime	=7.1.2
Apple QuickTime	=7.1.3
Apple QuickTime	=7.1.4
Apple QuickTime	=7.1.5
Apple QuickTime	=7.1.6
Apple QuickTime	=7.2
Apple QuickTime	=7.3
Apple QuickTime	=7.3.1
Apple QuickTime	=7.3.1.70
Apple QuickTime	=7.4
Apple QuickTime	=7.4.1
Apple QuickTime	=7.4.5
Intel Indeo	=3.2
Microsoft Windows NT	=xp-sp3
Microsoft Windows Vista
Microsoft Windows XP	=sp2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-3635?
CVE-2008-3635 is classified as a critical vulnerability due to its potential to allow remote code execution.
How do I fix CVE-2008-3635?
To mitigate CVE-2008-3635, update your Apple QuickTime to version 7.5.5 or later.
What software is affected by CVE-2008-3635?
CVE-2008-3635 affects Apple QuickTime versions prior to 7.5.5, particularly when using the Indeo v3.2 codec.
Can CVE-2008-3635 cause a denial of service?
Yes, CVE-2008-3635 can lead to a denial of service, causing the application to crash.
What codec is related to CVE-2008-3635?
The vulnerability CVE-2008-3635 is associated with the Indeo v3.2 codec used in QuickTime.

collector/nvd-historical
agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/weakness
agent/last-modified-date
agent/event
agent/description
agent/first-publish-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/apple
canonical/apple quicktime
version/apple quicktime/7.5
version/apple quicktime/7.0
version/apple quicktime/7.0.1
version/apple quicktime/7.0.2
version/apple quicktime/7.0.3
version/apple quicktime/7.0.4
version/apple quicktime/7.1
version/apple quicktime/7.1.1
version/apple quicktime/7.1.2
version/apple quicktime/7.1.3
version/apple quicktime/7.1.4
version/apple quicktime/7.1.5
version/apple quicktime/7.1.6
version/apple quicktime/7.2
version/apple quicktime/7.3
version/apple quicktime/7.3.1
version/apple quicktime/7.3.1.70
version/apple quicktime/7.4
version/apple quicktime/7.4.1
version/apple quicktime/7.4.5
vendor/intel
canonical/intel indeo
version/intel indeo/3.2
vendor/microsoft
canonical/microsoft windows nt
version/microsoft windows nt/xp-sp3
canonical/microsoft windows vista
canonical/microsoft windows xp
version/microsoft windows xp/sp2