NVD

Id
60176  
Name
CVE-2006-1467  
Description
Integer overflow in the AAC file parsing code in Apple iTunes before 6.0.5 on Mac OS X 10.2.8 or later, and Windows XP and 2000, allows remote user-assisted attackers to execute arbitrary code via an AAC (M4P, M4A, or M4B) file with a sample table size (STSZ) atom with a "malformed" sample_size_table value.  
Reject
 
CVSS Version
2  
CVSS Score
5.1  
Severity
Medium  
CVSS Base Score
5.1  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-06-29  
Modified Date
2011-03-07  
Seq
2006-1467  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
309787 60176 CVE-2006-1467 APPLE-SA-2006-06-29  View
309788 60176 CVE-2006-1467 1016413  View
309789 60176 CVE-2006-1467 VU#907836  View
309790 60176 CVE-2006-1467 20060630 ZDI-06-020: Apple iTunes AAC File Parsing Integer Overflow Vulnerability  View
309791 60176 CVE-2006-1467 18730  View
309792 60176 CVE-2006-1467 ADV-2006-2601  View
309793 60176 CVE-2006-1467 http://www.zerodayinitiative.com/advisories/ZDI-06-020.html  View
309794 60176 CVE-2006-1467 itunes-aac-file-overflow(27481)  View

Related JVN