CVE-2013-1032

QuickTime - Remote Code Execution via Crafted idsc Atom in Movie File

Title source: llm
STIX 2.1

Description

QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTime movie file.

References (3)

Core 3
Core References
Release Notes, Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT6151
Release Notes, Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
Release Notes, Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT5880

Scores

EPSS 0.0282
EPSS Percentile 85.0%

Details

CWE
CWE-787
Status published
Products (2)
apple/mac_os_x < 10.8.5
apple/quicktime
Published Sep 16, 2013
Tracked Since Feb 18, 2026