What is the severity of CVE-2009-0010?

CVE-2009-0010 has a critical severity rating as it allows remote attackers to execute arbitrary code or cause application crashes.

How do I fix CVE-2009-0010?

To fix CVE-2009-0010, update the affected software to Apple QuickTime version 7.6.2 or later and Mac OS X to version 10.5.7 or later.

Which versions are affected by CVE-2009-0010?

CVE-2009-0010 affects Apple Mac OS X versions 10.4.11 and 10.5 prior to 10.5.7, as well as earlier versions of QuickTime before 7.6.2.

What types of attacks can CVE-2009-0010 facilitate?

CVE-2009-0010 can facilitate remote code execution and denial of service attacks through specially crafted PICT images.

What is the impact of CVE-2009-0010?

The impact of CVE-2009-0010 includes potential arbitrary code execution and crashes of the affected applications.

Vulnerability/
CVE-2009-0010

critical

9.3

CWE

189 119

13/5/2009

7/8/2024

CVE-2009-0010: Buffer Overflow

First published: Wed May 13 2009(Updated: )

Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple QuickTime before 7.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a crafted 0x77 Poly tag and a crafted length field, which triggers a heap-based buffer overflow.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Apple Mac OS X Server	=10.5.2
macOS Yosemite	=10.5.6
Apple Mac OS X Server	=10.4.11
macOS Yosemite	=10.5.5
macOS Yosemite	=10.5.1
Apple Mac OS X Server	=10.5.1
Apple Mac OS X Server	=10.5.6
macOS Yosemite	=10.5.3
macOS Yosemite	=10.5.0
Apple Mac OS X Server	=10.5.0
Apple Mac OS X Server	=10.5.3
macOS Yosemite	=10.5
Apple Mac OS X Server	=10.5.4
macOS Yosemite	=10.5.2
macOS Yosemite	=10.4.11
Apple Mac OS X Server	=10.5
macOS Yosemite	=10.5.4
Apple Mac OS X Server	=10.4.11
Apple Mac OS X Server	=10.5
Apple Mac OS X Server	=10.5.0
Apple Mac OS X Server	=10.5.1
Apple Mac OS X Server	=10.5.2
Apple Mac OS X Server	=10.5.3
Apple Mac OS X Server	=10.5.4
Apple Mac OS X Server	=10.5.6

Remedy

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

Remedy

http://support.apple.com/kb/HT3549

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-0010?
CVE-2009-0010 has a critical severity rating as it allows remote attackers to execute arbitrary code or cause application crashes.
How do I fix CVE-2009-0010?
To fix CVE-2009-0010, update the affected software to Apple QuickTime version 7.6.2 or later and Mac OS X to version 10.5.7 or later.
Which versions are affected by CVE-2009-0010?
CVE-2009-0010 affects Apple Mac OS X versions 10.4.11 and 10.5 prior to 10.5.7, as well as earlier versions of QuickTime before 7.6.2.
What types of attacks can CVE-2009-0010 facilitate?
CVE-2009-0010 can facilitate remote code execution and denial of service attacks through specially crafted PICT images.
What is the impact of CVE-2009-0010?
The impact of CVE-2009-0010 includes potential arbitrary code execution and crashes of the affected applications.

agent/references
agent/type
agent/softwarecombine
agent/remedy
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/weakness
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/apple
canonical/apple mac os x server
version/apple mac os x server/10.5.2
canonical/macos yosemite
version/macos yosemite/10.5.6
version/apple mac os x server/10.4.11
version/macos yosemite/10.5.5
version/macos yosemite/10.5.1
version/apple mac os x server/10.5.1
version/apple mac os x server/10.5.6
version/macos yosemite/10.5.3
version/macos yosemite/10.5.0
version/apple mac os x server/10.5.0
version/apple mac os x server/10.5.3
version/macos yosemite/10.5
version/apple mac os x server/10.5.4
version/macos yosemite/10.5.2
version/macos yosemite/10.4.11
version/apple mac os x server/10.5
version/macos yosemite/10.5.4

Frequently Asked Questions

What is the severity of CVE-2009-0010?
CVE-2009-0010 has a critical severity rating as it allows remote attackers to execute arbitrary code or cause application crashes.
How do I fix CVE-2009-0010?
To fix CVE-2009-0010, update the affected software to Apple QuickTime version 7.6.2 or later and Mac OS X to version 10.5.7 or later.
Which versions are affected by CVE-2009-0010?
CVE-2009-0010 affects Apple Mac OS X versions 10.4.11 and 10.5 prior to 10.5.7, as well as earlier versions of QuickTime before 7.6.2.
What types of attacks can CVE-2009-0010 facilitate?
CVE-2009-0010 can facilitate remote code execution and denial of service attacks through specially crafted PICT images.
What is the impact of CVE-2009-0010?
The impact of CVE-2009-0010 includes potential arbitrary code execution and crashes of the affected applications.

CVE-2009-0010: Buffer Overflow

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-0010?

How do I fix CVE-2009-0010?

Which versions are affected by CVE-2009-0010?

What types of attacks can CVE-2009-0010 facilitate?

What is the impact of CVE-2009-0010?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2009-0010?

How do I fix CVE-2009-0010?

Which versions are affected by CVE-2009-0010?

What types of attacks can CVE-2009-0010 facilitate?

What is the impact of CVE-2009-0010?