CVE-2005-2753
CVSS5.1
发布时间 :2005-11-05 06:02:00
修订时间 :2011-03-07 00:00:00
NMCOPS    

[原文]Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string.


[CNNVD]Apple QuickTime嵌入式Pascal样式远程整数溢出漏洞(CNNVD-200511-126)

        Apple QuickTime是APPLE公司的媒体播放器软件。
        Apple QuickTime 7.0.3之前版本中的整数溢出,可让用户辅助攻击者通过特制的MOV文件(可导致Pascal样式字符串中长度元素的符号延伸)来执行任意代码。

- CVSS (基础分值)

CVSS分值: 5.1 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: HIGH [漏洞利用存在特定的访问条件]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-189 [数值错误]

- CPE (受影响的平台与产品)

cpe:/a:apple:quicktime:6.5.2::mac_os_x_10.2
cpe:/a:apple:quicktime:7.0::windows
cpe:/a:apple:quicktime:7.0.1::mac_os_x_10.3
cpe:/a:apple:quicktime:7.0.1::mac_os_x_10.4
cpe:/a:apple:quicktime:7.0.1::windows
cpe:/a:apple:quicktime:6.5.2::mac_os_x_10.3
cpe:/a:apple:quicktime:7.0.2::windows

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2753
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2753
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200511-126
(官方数据源) CNNVD

- 其它链接及资源

http://www.osvdb.org/20475
(PATCH)  OSVDB  20475
http://securitytracker.com/id?1015152
(VENDOR_ADVISORY)  SECTRACK  1015152
http://www.vupen.com/english/advisories/2005/2293
(VENDOR_ADVISORY)  VUPEN  ADV-2005-2293
http://www.securityfocus.com/bid/15306
(UNKNOWN)  BID  15306
http://www.securityfocus.com/archive/1/archive/1/415712/30/0/threaded
(VENDOR_ADVISORY)  BUGTRAQ  20051104 Advisory: Apple QuickTime Player Remote Integer Overflow (1)
http://secunia.com/advisories/17428
(VENDOR_ADVISORY)  SECUNIA  17428
http://pb.specialised.info/all/adv/quicktime-mov-io1-adv.txt
(VENDOR_ADVISORY)  MISC  http://pb.specialised.info/all/adv/quicktime-mov-io1-adv.txt
http://docs.info.apple.com/article.html?artnum=302772
(UNKNOWN)  CONFIRM  http://docs.info.apple.com/article.html?artnum=302772

- 漏洞信息

Apple QuickTime嵌入式Pascal样式远程整数溢出漏洞
中危 缓冲区溢出
2005-11-05 00:00:00 2006-08-28 00:00:00
远程  
        Apple QuickTime是APPLE公司的媒体播放器软件。
        Apple QuickTime 7.0.3之前版本中的整数溢出,可让用户辅助攻击者通过特制的MOV文件(可导致Pascal样式字符串中长度元素的符号延伸)来执行任意代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        Apple QuickTime Player 6
        Apple QuickTime 7.0.3
        http://www.apple.com/support/downloads/quicktime703.html
        Apple QuickTime Player 5.0.2
        Apple QuickTime 7.0.3
        http://www.apple.com/support/downloads/quicktime703.html
        Apple QuickTime Player 6.1
        Apple QuickTime 7.0.3
        http://www.apple.com/support/downloads/quicktime703.html
        Apple QuickTime Player 6.5
        Apple QuickTime 7.0.3
        http://www.apple.com/support/downloads/quicktime703.html
        Apple QuickTime Player 6.5.1
        Apple QuickTime 7.0.3
        http://www.apple.com/support/downloads/quicktime703.html
        Apple QuickTime Player 6.5.2
        Apple QuickTime 7.0.3
        http://www.apple.com/support/downloads/quicktime703.html
        Apple QuickTime Player 7.0
        Apple QuickTime 7.0.3
        http://www.apple.com/support/downloads/quicktime703.html
        Apple QuickTime Player 7.0.1
        Apple QuickTime 7.0.3
        http://www.apple.com/support/downloads/quicktime703.html
        Apple QuickTime Player 7.0.2
        Apple QuickTime 7.0.3
        http://www.apple.com/support/downloads/quicktime703.html

- 漏洞信息 (F41276)

quicktime-mov-io1-adv.txt (PacketStormID:F41276)
2005-11-04 00:00:00
Piotr Bania  pb.specialised.info
advisory,remote,overflow,code execution
windows,apple,osx
CVE-2005-2753
[点击下载]

Apple QuickTime Player is reported prone to remote integer overflow vulnerability (exploitable via remotely originated content). A sign extension of an embedded "Pascal" style string could result in a very large memory copy, which lead to potential memory overwrite. The vulnerability may lead to remote code execution when specially crafted video file (MOV file) is being loaded. Software affected: QuickTime package 7.0.1 for Mac OS X 10.3, QuickTime package 7.0.1 for Mac OS X 10.4, QuickTime package 6.5.2 for Mac OS X 10.3, QuickTime package 6.5.2 for Mac OS X 10.2, QuickTime package 7x for Windows.

Apple QuickTime Player Remote Integer Overflow (1)
by Piotr Bania <bania.piotr@gmail.com>
http://pb.specialised.info
All rights reserved.


CVE-ID: 		CVE-2005-2753

Original location:
http://pb.specialised.info/all/adv/quicktime-mov-io1-adv.txt

Severity: 		Critical - remote code execution.

Software affected:	QuickTime package 7.0.1 for Mac OS X 10.3
			QuickTime package 7.0.1 for Mac OS X 10.4
			QuickTime package 6.5.2 for Mac OS X 10.3
			QuickTime package 6.5.2 for Mac OS X 10.2
			QuickTime package 7* for Windows

			Older versions may be also vulnerable.
Note:			Following versions are not vulnerable, due to
			the fact I have reported the vulnerabilities
			before their releases:

			QuickTime package 7.0.2 for Mac OS X 10.3
			QuickTime package 7.0.2 for Mac OS X 10.4



0.   DISCLAIMER

Author takes no responsibility for any actions with provided
informations or codes. The copyright for any material created by the
author is reserved. Any duplication of codes or texts provided here in
electronic or printed publications is not permitted without the author's
agreement.

I.   BACKGROUND

Apple QuickTime Player is one of the Apple QuickTime components
used by hundreds of millions of users.

II.  DESCRIPTION

Apple QuickTime Player is reported prone to remote integer overflow
vulnerability (exploitable via remotely originated content).

A sign extension of an embedded "Pascal" style string could result in
a very large memory copy, which lead to potencial memory overwrite.

The vulnerability may lead to remote code execution when specially
crafted video file (MOV file) is being loaded.

III. POC CODE

Due to severity of this bug i will not release any proof of concept
codes for this issue.

IV.  VENDOR RESPONSE

Vendor (Apple) has been noticed and released all necessary patches.


best regards,
Piotr Bania

-- 
--------------------------------------------------------------------
Piotr Bania - <bania.piotr@gmail.com> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A  BFA4 1FF6 689F BE43 AC33
http://pb.specialised.info  - Key ID: 0xBE43AC33
--------------------------------------------------------------------

                           " Dinanzi a me non fuor cose create
                             se non etterne, e io etterno duro.
                             Lasciate ogne speranza, voi ch'intrate "
                                           - Dante, Inferno Canto III

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- 漏洞信息

20475
Apple QuickTime Embedded Pascal Style String Overflow
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Unknown

- 漏洞描述

A remote overflow exists in Quicktime. The program fails to validate movie files resulting in an integer overflow. With a specially crafted file containing an embedded "Pascal" style string, an attacker can cause a very large memory copy leading to remote code execution, resulting in a loss of integrity.

- 时间线

2005-11-03 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 7.0.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

Apple QuickTime Embedded Pascal Style Remote Integer Overflow Vulnerability
Boundary Condition Error 15306
Yes No
2005-11-03 12:00:00 2005-11-03 12:00:00
Piotr Bania <bania.piotr@gmail.com> reported this issue to the vendor.

- 受影响的程序版本

Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.0
Apple QuickTime Player 6.5.2
Apple QuickTime Player 6.5.1
Apple QuickTime Player 6.5
Apple QuickTime Player 6.1
Apple QuickTime Player 5.0.2
- Apple Mac OS 9 9.2.2
- Apple Mac OS 9 9.2.2
- Apple Mac OS 9 9.2.1
- Apple Mac OS 9 9.2.1
- Apple Mac OS 9 9.2
- Apple Mac OS 9 9.2
- Apple Mac OS 9 9.1
- Apple Mac OS 9 9.1
- Apple Mac OS 9 9.0.4
- Apple Mac OS 9 9.0.4
- Apple Mac OS 9 9.0
- Apple Mac OS 9 9.0
- Apple Mac OS X 10.1.5
- Apple Mac OS X 10.1.5
- Apple Mac OS X 10.1.4
- Apple Mac OS X 10.1.4
- Apple Mac OS X 10.1.3
- Apple Mac OS X 10.1.3
- Apple Mac OS X 10.1.2
- Apple Mac OS X 10.1.2
- Apple Mac OS X 10.1.1
- Apple Mac OS X 10.1.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.2
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0
- Apple Mac OS X 10.0
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Terminal Services SP2
- Microsoft Windows 2000 Terminal Services SP2
- Microsoft Windows 2000 Terminal Services SP1
- Microsoft Windows 2000 Terminal Services SP1
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 95 SR2
- Microsoft Windows 95 SR2
- Microsoft Windows 95
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows ME
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6
- Microsoft Windows NT Enterprise Server 4.0 SP6
- Microsoft Windows NT Enterprise Server 4.0 SP5
- Microsoft Windows NT Enterprise Server 4.0 SP5
- Microsoft Windows NT Enterprise Server 4.0 SP4
- Microsoft Windows NT Enterprise Server 4.0 SP4
- Microsoft Windows NT Enterprise Server 4.0 SP3
- Microsoft Windows NT Enterprise Server 4.0 SP3
- Microsoft Windows NT Enterprise Server 4.0 SP2
- Microsoft Windows NT Enterprise Server 4.0 SP2
- Microsoft Windows NT Enterprise Server 4.0 SP1
- Microsoft Windows NT Enterprise Server 4.0 SP1
- Microsoft Windows NT Enterprise Server 4.0
- Microsoft Windows NT Enterprise Server 4.0
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6
- Microsoft Windows NT Server 4.0 SP6
- Microsoft Windows NT Server 4.0 SP5
- Microsoft Windows NT Server 4.0 SP5
- Microsoft Windows NT Server 4.0 SP4
- Microsoft Windows NT Server 4.0 SP4
- Microsoft Windows NT Server 4.0 SP3
- Microsoft Windows NT Server 4.0 SP3
- Microsoft Windows NT Server 4.0 SP2
- Microsoft Windows NT Server 4.0 SP2
- Microsoft Windows NT Server 4.0 SP1
- Microsoft Windows NT Server 4.0 SP1
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Terminal Server 4.0 SP6a
- Microsoft Windows NT Terminal Server 4.0 SP6
- Microsoft Windows NT Terminal Server 4.0 SP6
- Microsoft Windows NT Terminal Server 4.0 SP5
- Microsoft Windows NT Terminal Server 4.0 SP5
- Microsoft Windows NT Terminal Server 4.0 SP4
- Microsoft Windows NT Terminal Server 4.0 SP4
- Microsoft Windows NT Terminal Server 4.0 SP3
- Microsoft Windows NT Terminal Server 4.0 SP3
- Microsoft Windows NT Terminal Server 4.0 SP2
- Microsoft Windows NT Terminal Server 4.0 SP2
- Microsoft Windows NT Terminal Server 4.0 SP1
- Microsoft Windows NT Terminal Server 4.0 SP1
- Microsoft Windows NT Terminal Server 4.0
- Microsoft Windows NT Terminal Server 4.0
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Workstation 4.0
Apple QuickTime Player 6
- Apple Mac OS 9 9.2.2
- Apple Mac OS 9 9.2.2
- Apple Mac OS 9 9.2.1
- Apple Mac OS 9 9.2.1
- Apple Mac OS 9 9.2
- Apple Mac OS 9 9.2
- Apple Mac OS 9 9.1
- Apple Mac OS 9 9.1
- Apple Mac OS 9 9.0.4
- Apple Mac OS 9 9.0.4
- Apple Mac OS 9 9.0
- Apple Mac OS 9 9.0
- Apple Mac OS X 10.1.5
- Apple Mac OS X 10.1.4
- Apple Mac OS X 10.1.4
- Apple Mac OS X 10.1.3
- Apple Mac OS X 10.1.3
- Apple Mac OS X 10.1.2
- Apple Mac OS X 10.1.2
- Apple Mac OS X 10.1.1
- Apple Mac OS X 10.1.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.2
- Apple Mac OS X 10.0.2
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0
- Apple Mac OS X 10.0
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Terminal Services SP2
- Microsoft Windows 2000 Terminal Services SP2
- Microsoft Windows 2000 Terminal Services SP1
- Microsoft Windows 2000 Terminal Services SP1
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 95 SR2
- Microsoft Windows 95 SR2
- Microsoft Windows 95
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows ME
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6
- Microsoft Windows NT Enterprise Server 4.0 SP6
- Microsoft Windows NT Enterprise Server 4.0 SP5
- Microsoft Windows NT Enterprise Server 4.0 SP5
- Microsoft Windows NT Enterprise Server 4.0 SP4
- Microsoft Windows NT Enterprise Server 4.0 SP4
- Microsoft Windows NT Enterprise Server 4.0 SP3
- Microsoft Windows NT Enterprise Server 4.0 SP3
- Microsoft Windows NT Enterprise Server 4.0 SP2
- Microsoft Windows NT Enterprise Server 4.0 SP2
- Microsoft Windows NT Enterprise Server 4.0 SP1
- Microsoft Windows NT Enterprise Server 4.0 SP1
- Microsoft Windows NT Enterprise Server 4.0
- Microsoft Windows NT Enterprise Server 4.0
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6
- Microsoft Windows NT Server 4.0 SP6
- Microsoft Windows NT Server 4.0 SP5
- Microsoft Windows NT Server 4.0 SP5
- Microsoft Windows NT Server 4.0 SP4
- Microsoft Windows NT Server 4.0 SP4
- Microsoft Windows NT Server 4.0 SP3
- Microsoft Windows NT Server 4.0 SP3
- Microsoft Windows NT Server 4.0 SP2
- Microsoft Windows NT Server 4.0 SP2
- Microsoft Windows NT Server 4.0 SP1
- Microsoft Windows NT Server 4.0 SP1
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Terminal Server 4.0 SP6a
- Microsoft Windows NT Terminal Server 4.0 SP6
- Microsoft Windows NT Terminal Server 4.0 SP6
- Microsoft Windows NT Terminal Server 4.0 SP5
- Microsoft Windows NT Terminal Server 4.0 SP5
- Microsoft Windows NT Terminal Server 4.0 SP4
- Microsoft Windows NT Terminal Server 4.0 SP4
- Microsoft Windows NT Terminal Server 4.0 SP3
- Microsoft Windows NT Terminal Server 4.0 SP3
- Microsoft Windows NT Terminal Server 4.0 SP2
- Microsoft Windows NT Terminal Server 4.0 SP2
- Microsoft Windows NT Terminal Server 4.0 SP1
- Microsoft Windows NT Terminal Server 4.0 SP1
- Microsoft Windows NT Terminal Server 4.0
- Microsoft Windows NT Terminal Server 4.0
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Workstation 4.0
Apple QuickTime Player 7.0.3

- 不受影响的程序版本

Apple QuickTime Player 7.0.3

- 漏洞讨论

A remote integer overflow vulnerability affects Apple QuickTime. This issue is due to a failure of the application to properly validate integer signed-ness prior to using it to carry out critical operations.

An attacker may leverage this issue to cause the affected QuickTime client to crash, denying service to legitimate users. It has been speculated that this issue may also facilitate code execution; any code execution would occur with the privileges of the user that activated the affected software.

This issue affects both Microsoft Windows, and Apple versions of QuickTime.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Apple has released version 7.0.3 of QuickTime to address this, and other issues. Users are encouraged to utilize the built-in 'Software Update' feature to download and install fixes. Please see the referenced Apple document for further information.


Apple QuickTime Player 6

Apple QuickTime Player 5.0.2

Apple QuickTime Player 6.1

Apple QuickTime Player 6.5

Apple QuickTime Player 6.5.1

Apple QuickTime Player 6.5.2

Apple QuickTime Player 7.0

Apple QuickTime Player 7.0.1

Apple QuickTime Player 7.0.2

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站