Lucene search
SAINT CorporationSAINT:7B7D01EF6D0A47509AD9655775F6EE89HistoryMay 24, 2006 - 12:00 a.m.
QuickTime MOV file udta Atom buffer overflow
2006-05-2400:00:00
SAINT Corporation
www.saintcorporation.com
8
0.799 High
EPSS
Percentile
98.0%
Added: 05/24/2006
CVE: CVE-2006-1460
BID: 17953
OSVDB: 25509
Background
QuickTime is a media player for Windows and Mac OS platforms.
Problem
A buffer overflow in QuickTime allows command execution by a specially crafted Movie (MOV) file containing a long udta Atom.
Resolution
Upgrade to QuickTime 7.1 or higher.
References
<http://docs.info.apple.com/article.html?artnum=303752>
Limitations
Successful exploitation requires a user to save the movie file and open it in QuickTime. Exploit works on QuickTime 7.0.4. Due to the nature of the vulnerability, the success of the exploit depends on the state of the system.
Platforms
Windows
Related
saint
saint
QuickTime MOV file udta Atom buffer overflow
2006-05-24 00:00:00
QuickTime MOV file udta Atom buffer overflow
2006-05-24 00:00:00
QuickTime MOV file udta Atom buffer overflow
2006-05-24 00:00:00
prion
prion
Buffer overflow
2006-05-12 20:06:00
checkpoint_advisories
checkpoint_advisories
Apple QuickTime udta Atom Buffer Overflow (CVE-2006-1460)
2009-10-14 00:00:00
cve
cve
CVE-2006-1460
2006-05-12 20:06:00
cvelist
cvelist
CVE-2006-1460
2006-05-12 20:00:00
securityvulns
securityvulns
[Full-disclosure] Apple QuickTime udta ATOM Integer Overflow
2007-03-06 00:00:00
[Full-disclosure] Apple QuickDraw/QuickTime Multiple Vulnerabilities
2006-05-12 00:00:00
nessus
nessus
QuickTime < 7.1 Multiple Vulnerabilities (Windows)
2006-05-15 00:00:00
Quicktime < 7.1 Multiple Vulnerabilities (Mac OS X)
2006-05-13 00:00:00