Apple QuickTime 6.4/6.5/7.0.x PictureViewer JPEG/PICT File Buffer Overflow Vulnerability

2006-01-11T00:00:00
ID EDB-ID:27069
Type exploitdb
Reporter Dennis Rand
Modified 2006-01-11T00:00:00

Description

Apple QuickTime 6.4/6.5/7.0.x PictureViewer JPEG/PICT File Buffer Overflow Vulnerability. CVE-2005-2340. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/16212/info

Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to finite-sized process buffers.

An attacker may be able to exploit this issue to execute arbitrary machine code in the context of the affected application, but this has not been confirmed. Unsuccessful exploit attempts will most likely crash the application.

This issue affects QuickTime 6.5.2 and 7.0.3; other versions may also be vulnerable. QuickTime 7.0.4 may also be vulnerable, but this has not been confirmed.

This issue may have previously been discussed in BID 16202 (Apple QuickTime Multiple Code Execution Vulnerabilities). 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27069.jpg