What is the severity of CVE-2010-0529?

CVE-2010-0529 is classified as a critical vulnerability due to its potential to allow remote attackers to execute arbitrary code.

How do I fix CVE-2010-0529?

To mitigate CVE-2010-0529, users should upgrade to Apple QuickTime version 7.6.6 or later.

What software versions are affected by CVE-2010-0529?

CVE-2010-0529 affects all versions of Apple QuickTime before 7.6.6 on Windows.

What type of attack does CVE-2010-0529 enable?

CVE-2010-0529 enables a heap-based buffer overflow attack through specially crafted PICT images.

Can CVE-2010-0529 cause a denial of service?

Yes, CVE-2010-0529 can cause a denial of service, leading to application crashes.

Vulnerability/
CVE-2010-0529

critical

9.3

CWE

119

31/3/2010

7/8/2024

CVE-2010-0529: Buffer Overflow

First published: Wed Mar 31 2010(Updated: )

Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation.

Credit: product-security@apple.com

Affected Software	Affected Version	How to fix
Apple QuickTime	<=7.6.0
Apple QuickTime	=7.0.0
Apple QuickTime	=7.0.1
Apple QuickTime	=7.0.2
Apple QuickTime	=7.0.3
Apple QuickTime	=7.0.4
Apple QuickTime	=7.1.0
Apple QuickTime	=7.1.1
Apple QuickTime	=7.1.2
Apple QuickTime	=7.1.3
Apple QuickTime	=7.1.4
Apple QuickTime	=7.1.5
Apple QuickTime	=7.1.6
Apple QuickTime	=7.2.0
Apple QuickTime	=7.2.1
Apple QuickTime	=7.3.0
Apple QuickTime	=7.3.1
Apple QuickTime	=7.4.0
Apple QuickTime	=7.4.1
Apple QuickTime	=7.4.5
Apple QuickTime	=7.5.0
Apple QuickTime	=7.5.5
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows XP	=sp2

Remedy

http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-0529?
CVE-2010-0529 is classified as a critical vulnerability due to its potential to allow remote attackers to execute arbitrary code.
How do I fix CVE-2010-0529?
To mitigate CVE-2010-0529, users should upgrade to Apple QuickTime version 7.6.6 or later.
What software versions are affected by CVE-2010-0529?
CVE-2010-0529 affects all versions of Apple QuickTime before 7.6.6 on Windows.
What type of attack does CVE-2010-0529 enable?
CVE-2010-0529 enables a heap-based buffer overflow attack through specially crafted PICT images.
Can CVE-2010-0529 cause a denial of service?
Yes, CVE-2010-0529 can cause a denial of service, leading to application crashes.

collector/nvd-historical
agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/remedy
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/apple
canonical/apple quicktime
version/apple quicktime/7.6.0
version/apple quicktime/7.0.0
version/apple quicktime/7.0.1
version/apple quicktime/7.0.2
version/apple quicktime/7.0.3
version/apple quicktime/7.0.4
version/apple quicktime/7.1.0
version/apple quicktime/7.1.1
version/apple quicktime/7.1.2
version/apple quicktime/7.1.3
version/apple quicktime/7.1.4
version/apple quicktime/7.1.5
version/apple quicktime/7.1.6
version/apple quicktime/7.2.0
version/apple quicktime/7.2.1
version/apple quicktime/7.3.0
version/apple quicktime/7.3.1
version/apple quicktime/7.4.0
version/apple quicktime/7.4.1
version/apple quicktime/7.4.5
version/apple quicktime/7.5.0
version/apple quicktime/7.5.5
vendor/microsoft
canonical/microsoft windows 7
canonical/microsoft windows vista
canonical/microsoft windows xp
version/microsoft windows xp/sp2