Lucene search
SAINT CorporationSAINT:05FF607A04C0B67EE9245115451C5FE3HistoryJan 24, 2006 - 12:00 a.m.
QuickTime JPEG buffer overflow
2006-01-2400:00:00
SAINT Corporation
www.saintcorporation.com
11
0.97 High
EPSS
Percentile
99.7%
Added: 01/24/2006
CVE: CVE-2005-2340
BID: 16212
OSVDB: 22335
Background
QuickTime is a media player for Windows and Mac OS platforms.
Problem
A buffer overflow in QuickTime allows command execution when a user opens a specially crafted JPEG file.
Resolution
Upgrade to QuickTime 7.0.4 or higher.
References
<http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0392.html>
Limitations
Exploit works on Apple QuickTime PictureViewer 6.5.2. A user must download and open the specially crafted JPEG file in order for exploitation to succeed.
Platforms
Windows
Related
cve
cve
CVE-2005-2340
2005-12-31 05:00:00
securityvulns
securityvulns
[EEYEB-20051117B] Apple iTunes (QuickTime.qts) Heap Overflow
2006-01-12 00:00:00
saint
saint
QuickTime JPEG buffer overflow
2006-01-24 00:00:00
QuickTime JPEG buffer overflow
2006-01-24 00:00:00
QuickTime JPEG buffer overflow
2006-01-24 00:00:00
cert
cert
Apple QuickTime image handling buffer overflow
2006-01-11 00:00:00
Apple QuickTime and iTunes QTIF image buffer overflow
2006-01-11 00:00:00
Apple QuickTime fails to properly handle corrupt TGA images
2006-01-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple QuickTime PictureViewer Buffer Overflow (CVE-2005-0903; CVE-2005-2340)
2009-10-05 00:00:00
nessus
nessus
QuickTime < 7.0.4 Multiple Vulnerabilities (Windows)
2006-01-11 00:00:00