CVE-2006-4389

Published: Sep 12, 2006Modified: Apr 16, 2026

5.1

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability: 4.9 / Impact: 6.4

Source: NVD

Description

Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix (FPX) file, which triggers an exception that leads to an operation on an uninitialized object.

Affected (14)

Products: Apple: Quicktime

1 product

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Apple Quicktime	Version 5.0.2
Apple Quicktime	Version 6.0
Apple Quicktime	Version 6.1
Apple Quicktime	Version 6.5.1
Apple Quicktime	Version 6.5.2
Apple Quicktime	Version 6.5
Apple Quicktime	Version 7.0.1
Apple Quicktime	Version 7.0.2
Apple Quicktime	Version 7.0.3
Apple Quicktime	Version 7.0.4
Apple Quicktime	Version 7.0
Apple Quicktime	Version 7.1.1
Apple Quicktime	Version 7.1.2
Apple Quicktime	Version 7.1

References (28)

http://docs.info.apple.com/article.html?artnum=304357

Source: cve@mitre.org

http://lists.apple.com/archives/Security-announce/2006/Sep/msg00000.html

Source: cve@mitre.org

http://secunia.com/advisories/21893

Source: cve@mitre.org

http://secunia.com/advisories/29182

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200803-08.xml

Source: cve@mitre.org

http://securityreason.com/securityalert/1554

Source: cve@mitre.org

http://securitytracker.com/id?1016830

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/540348

Source: cve@mitre.org

US Government Resource

http://www.osvdb.org/28769

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/445888/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/19976

Source: cve@mitre.org

ExploitPatch

http://www.us-cert.gov/cas/techalerts/TA06-256A.html

Source: cve@mitre.org

US Government Resource

http://www.vupen.com/english/advisories/2006/3577

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/28938

Source: cve@mitre.org

http://docs.info.apple.com/article.html?artnum=304357

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/Security-announce/2006/Sep/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/21893

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/29182

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200803-08.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/1554

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016830

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/540348

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.osvdb.org/28769

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/445888/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/19976

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://www.us-cert.gov/cas/techalerts/TA06-256A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2006/3577

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/28938

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.