CVE-2006-4381 : Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote att

Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie.

Published 2006-09-12 23:07:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2006-4381

Apple » Quicktime
Versions up to, including, (<=) 7.1.2
cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 5.0.1
cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 5.0.2
cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 5.0
cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 6.0
cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 6.1
cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 6.5
cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 6.5.1
cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.0
cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.0.1
cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.0.2
cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 6.5.2
cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 6.5.2 Mac Os X 10.2 Edition
cpe:2.3:a:apple:quicktime:6.5.2:*:mac_os_x_10.2:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 6.5.2 Mac Os X 10.3 Edition
cpe:2.3:a:apple:quicktime:6.5.2:*:mac_os_x_10.3:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.0.1 Mac Os X 10.3 Edition
cpe:2.3:a:apple:quicktime:7.0.1:*:mac_os_x_10.3:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.0 Windows Edition
cpe:2.3:a:apple:quicktime:7.0:*:windows:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.0.1 Mac Os X 10.4 Edition
cpe:2.3:a:apple:quicktime:7.0.1:*:mac_os_x_10.4:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.0.1 Windows Edition
cpe:2.3:a:apple:quicktime:7.0.1:*:windows:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.0.3
cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.0.4
cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.0.2 Windows Edition
cpe:2.3:a:apple:quicktime:7.0.2:*:windows:*:*:*:*:*
Matching versions
Apple » Quicktime » Version: 7.1.1
cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-4381

EPSS FAQ

8.82%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 92 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-4381

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.1	MEDIUM	AV:N/AC:H/Au:N/C:P/I:P/A:P	4.9	6.4	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2006-4381

Jump to

Vulnerability Details : CVE-2006-4381

Products affected by CVE-2006-4381

Exploit prediction scoring system (EPSS) score for CVE-2006-4381

CVSS scores for CVE-2006-4381

References for CVE-2006-4381