ID

VAR-200512-0611


CVE

CVE-2005-4092


TITLE

Apple QuickTime fails to properly handle corrupt media files

Trust: 0.8

sources: CERT/CC: VU#921193

DESCRIPTION

Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement. Apple's QuickTime is a player for files and streaming media in a variety of different formats. A flaw in QuickTime's handling of Targa (TGA) image format files could allow a remote attacker to execute arbitrary code on a vulnerable system. Apple From QuickTime Version that fixes multiple vulnerabilities in 7.0.4 Has been released.Arbitrary code may be executed by a remote third party, DoS You can be attacked. For more information, see the information provided by the vendor. These issues arise when the application handles specially crafted QTIF, TGA, TIFF, and GIF image formats. Successful exploits of these issues may allow remote attackers to trigger a denial-of-service condition or to gain unauthorized access. This issue affects both Mac OS X and Microsoft Windows releases of the software. This issue may be triggered when the application processes a malformed movie (.MOV) file. Successful exploitation will result in execution of arbitrary code in the context of the currently logged in user. This issue affects Apple QuickTime 7.0.3 and iTunes 6.0.1. Earlier versions may also be affected. Multiple buffer overflow vulnerabilities exist in QuickTime.qts. This specific flaw exists within the QuickTime.qts file which many applications access QuickTime's functionality through. By specially crafting atoms within a movie file, a direct heap overwrite is triggered, and reliable code execution is then possible. Technical Details: Technical Description: The code in QuickTime.qts responsible for the size of the Sample Description Table entries from the 'stsd' atom in a QuickTime-format movie on the heap. According to developer.apple.com, the format of the Sample Description Atom is as follows: Field Description ---------------------------------------------------------------- Size 32-bit int Data Format 4 char code Reserved 6 bytes that must be 0 Data Reference Index 16-bit int Hint Track Version 16-bit unsigned int Last compatible hint track version 16-bit unsigned int Max Packet Size 32-bit int Additional Data Table Variable By setting the size of the Sample Description Table to a size of 00 15 - 00 D0 will cause a heap-based overflow. By supplying the "Last compatible hint track version" field with the value of 00 05 - 00 09, an insufficiently-sized heap block will be allocated, resulting in a classic complete heap memory overwrite during the RtlAllocateHeap() function and the attacker can control memory with data taken from the filename of the .MOV file. This vulnerability can be successfully exploited via an embedded media player in an HTML page, email, or HTML link. References QuickTime: QuickTime File Format http://developer.apple.com/documentation/QuickTime/QTFF/index.html Protection: Retina Network Security Scanner has been updated to identify this vulnerability. Vendor Status: Apple has released a patch for this vulnerability. The patch is available via the Updates section of the affected applications. This vulnerability has been assigned the CVE identifier CVE-2005-4092. Credit: Discovery: Karl Lynn Greetings: 0x41414141 Copyright (c) 1998-2006 eEye Digital Security Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of eEye. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please email alert@eEye.com for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE-----

Trust: 6.12

sources: NVD: CVE-2005-4092 // CERT/CC: VU#921193 // CERT/CC: VU#629845 // CERT/CC: VU#115729 // CERT/CC: VU#150753 // CERT/CC: VU#913449 // JVNDB: JVNDB-2005-000858 // BID: 16202 // BID: 15732 // VULHUB: VHN-15300 // PACKETSTORM: 43058 // PACKETSTORM: 43059 // PACKETSTORM: 43062

AFFECTED PRODUCTS

vendor:apple computermodel: - scope: - version: -

Trust: 4.0

vendor:applemodel:itunesscope:eqversion:6.0.1

Trust: 1.9

vendor:applemodel:quicktimescope:eqversion:7.0.3

Trust: 1.6

vendor:applemodel:mac os xscope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows 2000scope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows xpscope:eqversion:sp3

Trust: 0.8

vendor:applemodel:quicktime playerscope:eqversion:7.0.3

Trust: 0.6

vendor:applemodel:quicktime playerscope:neversion:7.0.4

Trust: 0.6

vendor:applemodel:quicktime playerscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:6.5.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:6.4

Trust: 0.3

vendor:free codecs commodel:quicktime alternativescope:eqversion:1.67

Trust: 0.3

vendor:esignalmodel:esignalscope:neversion:6.0.2

Trust: 0.3

sources: CERT/CC: VU#921193 // CERT/CC: VU#629845 // CERT/CC: VU#115729 // CERT/CC: VU#150753 // CERT/CC: VU#913449 // BID: 16202 // BID: 15732 // JVNDB: JVNDB-2005-000858 // CNNVD: CNNVD-200512-165 // NVD: CVE-2005-4092

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-4092
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#921193
value: 43.88

Trust: 0.8

CARNEGIE MELLON: VU#629845
value: 18.23

Trust: 0.8

CARNEGIE MELLON: VU#115729
value: 3.85

Trust: 0.8

CARNEGIE MELLON: VU#150753
value: 32.63

Trust: 0.8

CARNEGIE MELLON: VU#913449
value: 3.85

Trust: 0.8

CNNVD: CNNVD-200512-165
value: HIGH

Trust: 0.6

VULHUB: VHN-15300
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2005-4092
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-15300
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#921193 // CERT/CC: VU#629845 // CERT/CC: VU#115729 // CERT/CC: VU#150753 // CERT/CC: VU#913449 // VULHUB: VHN-15300 // CNNVD: CNNVD-200512-165 // NVD: CVE-2005-4092

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.1

sources: VULHUB: VHN-15300 // NVD: CVE-2005-4092

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 43058 // PACKETSTORM: 43059 // CNNVD: CNNVD-200512-165

TYPE

Boundary Condition Error

Trust: 0.6

sources: BID: 16202 // BID: 15732

CONFIGURATIONS

sources: JVNDB: JVNDB-2005-000858

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-15300

PATCH

title:Download the Standalone QuickTime Playerurl:http://www.apple.com/jp/quicktime/download/standalone.html

Trust: 0.8

title:TA23845url:http://support.apple.com/kb/TA23845?viewlocale=ja_JP

Trust: 0.8

title:TA06-011Aurl:http://software.fujitsu.com/jp/security/vulnerabilities/ta06-011a.html

Trust: 0.8

sources: JVNDB: JVNDB-2005-000858

EXTERNAL IDS

db:SECUNIAid:18370

Trust: 4.9

db:CERT/CCid:VU#921193

Trust: 3.4

db:NVDid:CVE-2005-4092

Trust: 3.1

db:USCERTid:TA06-011A

Trust: 2.6

db:BIDid:15732

Trust: 2.0

db:CERT/CCid:VU#629845

Trust: 1.7

db:CERT/CCid:VU#115729

Trust: 1.7

db:CERT/CCid:VU#150753

Trust: 1.7

db:CERT/CCid:VU#913449

Trust: 1.7

db:SREASONid:334

Trust: 1.7

db:SREASONid:336

Trust: 1.7

db:SECUNIAid:18149

Trust: 1.7

db:SECTRACKid:1015397

Trust: 1.7

db:SECTRACKid:1015396

Trust: 1.7

db:SECTRACKid:1015356

Trust: 1.7

db:VUPENid:ADV-2006-0128

Trust: 1.7

db:VUPENid:ADV-2005-3012

Trust: 1.7

db:BIDid:16202

Trust: 1.1

db:OSVDBid:22337

Trust: 0.8

db:SECTRACKid:1015466

Trust: 0.8

db:JVNDBid:JVNDB-2005-000858

Trust: 0.8

db:CNNVDid:CNNVD-200512-165

Trust: 0.7

db:CERT/CCid:TA06-011A

Trust: 0.6

db:BUGTRAQid:20060111 [EEYEB-20051117B] APPLE ITUNES (QUICKTIME.QTS) HEAP OVERFLOW

Trust: 0.6

db:BUGTRAQid:20060111 [EEYEB-20051117A] APPLE QUICKTIME STSD ATOM HEAP OVERFLOW

Trust: 0.6

db:BUGTRAQid:20060111 UPDATED ADVISORIES - INCORRECT CVE INFORMATION

Trust: 0.6

db:APPLEid:APPLE-SA-2006-01-10

Trust: 0.6

db:PACKETSTORMid:43059

Trust: 0.2

db:PACKETSTORMid:43058

Trust: 0.2

db:PACKETSTORMid:43062

Trust: 0.2

db:VULHUBid:VHN-15300

Trust: 0.1

sources: CERT/CC: VU#921193 // CERT/CC: VU#629845 // CERT/CC: VU#115729 // CERT/CC: VU#150753 // CERT/CC: VU#913449 // VULHUB: VHN-15300 // BID: 16202 // BID: 15732 // JVNDB: JVNDB-2005-000858 // PACKETSTORM: 43058 // PACKETSTORM: 43059 // PACKETSTORM: 43062 // CNNVD: CNNVD-200512-165 // NVD: CVE-2005-4092

REFERENCES

url:http://docs.info.apple.com/article.html?artnum=303101

Trust: 4.9

url:http://secunia.com/advisories/18370/

Trust: 3.2

url:http://www.kb.cert.org/vuls/id/921193

Trust: 2.5

url:http://security-protocols.com/advisory/sp-x21-advisory.txt

Trust: 2.0

url:http://www.security-protocols.com/modules.php?name=news&file=article&sid=3109

Trust: 1.9

url:http://www.securityfocus.com/bid/15732

Trust: 1.7

url:http://www.us-cert.gov/cas/techalerts/ta06-011a.html

Trust: 1.7

url:http://www.eeye.com/html/research/upcoming/20051117a.html

Trust: 1.7

url:http://www.eeye.com/html/research/upcoming/20051117b.html

Trust: 1.7

url:http://www.security-protocols.com/advisory/sp-x21-advisory.txt

Trust: 1.7

url:http://securitytracker.com/id?1015356

Trust: 1.7

url:http://securitytracker.com/id?1015396

Trust: 1.7

url:http://securitytracker.com/id?1015397

Trust: 1.7

url:http://secunia.com/advisories/18149

Trust: 1.7

url:http://secunia.com/advisories/18370

Trust: 1.7

url:http://securityreason.com/securityalert/334

Trust: 1.7

url:http://securityreason.com/securityalert/336

Trust: 1.7

url:http://www.security-protocols.com/modules.php?name=news&file=article&sid=3133

Trust: 1.6

url:http://www.securityfocus.com/archive/1/421547/100/0/threaded

Trust: 1.1

url:http://www.securityfocus.com/archive/1/421635/100/0/threaded

Trust: 1.1

url:http://www.securityfocus.com/archive/1/421569/100/0/threaded

Trust: 1.1

url:http://www.vupen.com/english/advisories/2005/3012

Trust: 1.1

url:http://www.vupen.com/english/advisories/2006/0128

Trust: 1.1

url:http://www.eeye.com/html/research/advisories/ad20060111a.html

Trust: 0.8

url:about vulnerability notes

Trust: 0.8

url:contact us about this vulnerability

Trust: 0.8

url:provide a vendor statement

Trust: 0.8

url:http://www.securityfocus.com/bid/16202

Trust: 0.8

url:http://www.osvdb.org/displayvuln.php?osvdb_id=22337

Trust: 0.8

url:http://www.eeye.com/html/research/advisories/ad20060111d.html

Trust: 0.8

url:http://securitytracker.com/alerts/2006/jan/1015466.html

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3713

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-4092

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3707

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3710

Trust: 0.8

url:http://jvn.jp/cert/jvnta06-011a/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2005-4092

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2005-3707

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2005-3710

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2005-3713

Trust: 0.8

url:http://www.kb.cert.org/vuls/id/629845

Trust: 0.8

url:http://www.kb.cert.org/vuls/id/115729

Trust: 0.8

url:http://www.kb.cert.org/vuls/id/150753

Trust: 0.8

url:http://www.kb.cert.org/vuls/id/913449

Trust: 0.8

url:http://www.securityfocus.com/archive/1/archive/1/421635/100/0/threaded

Trust: 0.6

url:http://www.securityfocus.com/archive/1/archive/1/421569/100/0/threaded

Trust: 0.6

url:http://www.securityfocus.com/archive/1/archive/1/421547/100/0/threaded

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2006/0128

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2005/3012

Trust: 0.6

url:http://www.apple.com/quicktime/

Trust: 0.3

url:/archive/1/421561

Trust: 0.3

url:/archive/1/421566

Trust: 0.3

url:/archive/1/421831

Trust: 0.3

url:/archive/1/421799

Trust: 0.3

url:http://www.free-codecs.com/download/quicktime_alternative.htm

Trust: 0.3

url:/archive/1/421635

Trust: 0.3

url:/archive/1/421569

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2005-4092

Trust: 0.3

url:http://developer.apple.com/documentation/quicktime/qtff/index.html

Trust: 0.2

url: -

Trust: 0.1

url:http://www.security-protocols.com/modules.php?name=news&amp;file=article&amp;sid=3109

Trust: 0.1

url:http://www.security-protocols.com/modules.php?name=news&amp;file=article&amp;sid=3133

Trust: 0.1

url:http://www.kb.cert.org/vuls/id/913449>

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2005-3710

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-4092>

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3710>

Trust: 0.1

url:http://www.kb.cert.org/vuls/id/629845>

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3713>

Trust: 0.1

url:http://www.us-cert.gov/cas/techalerts/ta06-011a.html>

Trust: 0.1

url:http://www.us-cert.gov/cas/signup.html>.

Trust: 0.1

url:http://docs.info.apple.com/article.html?artnum=302810>

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3707>

Trust: 0.1

url:http://www.kb.cert.org/vuls/id/115729>

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-2340>

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2005-3707

Trust: 0.1

url:http://www.apple.com/support/downloads/quicktime704.html>

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2005-2340

Trust: 0.1

url:http://www.kb.cert.org/vuls/id/921193>

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2005-3713

Trust: 0.1

url:http://www.kb.cert.org/vuls/id/150753>

Trust: 0.1

url:http://docs.info.apple.com/article.html?artnum=303101>

Trust: 0.1

url:http://www.us-cert.gov/legal.html>

Trust: 0.1

sources: CERT/CC: VU#921193 // CERT/CC: VU#629845 // CERT/CC: VU#115729 // CERT/CC: VU#150753 // CERT/CC: VU#913449 // VULHUB: VHN-15300 // BID: 16202 // BID: 15732 // JVNDB: JVNDB-2005-000858 // PACKETSTORM: 43058 // PACKETSTORM: 43059 // PACKETSTORM: 43062 // CNNVD: CNNVD-200512-165 // NVD: CVE-2005-4092

CREDITS

Karl Lynn0x41414141Tom Ferris tommy@security-protocols.com

Trust: 0.6

sources: CNNVD: CNNVD-200512-165

SOURCES

db:CERT/CCid:VU#921193
db:CERT/CCid:VU#629845
db:CERT/CCid:VU#115729
db:CERT/CCid:VU#150753
db:CERT/CCid:VU#913449
db:VULHUBid:VHN-15300
db:BIDid:16202
db:BIDid:15732
db:JVNDBid:JVNDB-2005-000858
db:PACKETSTORMid:43058
db:PACKETSTORMid:43059
db:PACKETSTORMid:43062
db:CNNVDid:CNNVD-200512-165
db:NVDid:CVE-2005-4092

LAST UPDATE DATE

2024-11-22T22:48:34.734000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#921193date:2006-01-12T00:00:00
db:CERT/CCid:VU#629845date:2006-01-13T00:00:00
db:CERT/CCid:VU#115729date:2006-01-11T00:00:00
db:CERT/CCid:VU#150753date:2006-01-13T00:00:00
db:CERT/CCid:VU#913449date:2006-01-31T00:00:00
db:VULHUBid:VHN-15300date:2018-10-19T00:00:00
db:BIDid:16202date:2008-05-01T18:56:00
db:BIDid:15732date:2006-01-11T18:56:00
db:JVNDBid:JVNDB-2005-000858date:2009-04-03T00:00:00
db:CNNVDid:CNNVD-200512-165date:2012-12-26T00:00:00
db:NVDid:CVE-2005-4092date:2018-10-19T15:40:05.643

SOURCES RELEASE DATE

db:CERT/CCid:VU#921193date:2006-01-11T00:00:00
db:CERT/CCid:VU#629845date:2006-01-11T00:00:00
db:CERT/CCid:VU#115729date:2006-01-11T00:00:00
db:CERT/CCid:VU#150753date:2006-01-11T00:00:00
db:CERT/CCid:VU#913449date:2006-01-11T00:00:00
db:VULHUBid:VHN-15300date:2005-12-08T00:00:00
db:BIDid:16202date:2006-01-10T00:00:00
db:BIDid:15732date:2005-12-02T00:00:00
db:JVNDBid:JVNDB-2005-000858date:2009-04-03T00:00:00
db:PACKETSTORMid:43058date:2006-01-15T15:32:06
db:PACKETSTORMid:43059date:2006-01-15T15:33:12
db:PACKETSTORMid:43062date:2006-01-15T15:39:24
db:CNNVDid:CNNVD-200512-165date:2005-12-08T00:00:00
db:NVDid:CVE-2005-4092date:2005-12-08T11:03:00