Apple QuickTime 6.46.57.0.x - PictureViewer .JPEG.PICT File Buffer Overflow

2006-01-11T00:00:00
ID EXPLOITPACK:851AC32B1BAA3388E9F2D76E48277B7A
Type exploitpack
Reporter Dennis Rand
Modified 2006-01-11T00:00:00

Description

Apple QuickTime 6.46.57.0.x - PictureViewer .JPEG.PICT File Buffer Overflow

                                        
                                            source: https://www.securityfocus.com/bid/16212/info

Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to finite-sized process buffers.

An attacker may be able to exploit this issue to execute arbitrary machine code in the context of the affected application, but this has not been confirmed. Unsuccessful exploit attempts will most likely crash the application.

This issue affects QuickTime 6.5.2 and 7.0.3; other versions may also be vulnerable. QuickTime 7.0.4 may also be vulnerable, but this has not been confirmed.

This issue may have previously been discussed in BID 16202 (Apple QuickTime Multiple Code Execution Vulnerabilities). 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/27069.jpg