Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:A2F898DB169D6F63A2F792402A8787E7
HistoryDec 24, 2012 - 12:00 a.m.

Apple QuickTime TeXML Style Element Buffer Overflow

2012-12-2400:00:00
SAINT Corporation
download.saintcorporation.com
78

0.97 High

EPSS

Percentile

99.8%

JSON

Added: 12/24/2012
CVE: CVE-2012-3752
BID: 56557
OSVDB: 87087

Background

QuickTime is a media player for Windows and Mac OS platforms.

Problem

Apple QuickTime 7.7.2 and earlier is vulnerable to remote code execution due to a failure to perform appropriate boundary checking. A remote attacker who persuades a vulnerable user to open a specially crafted TeXML file could execute arbitrary code with the rights of the compromised user.

Resolution

Upgrade to Apple QuickTime 7.7.3 or later.

References

<http://support.apple.com/kb/HT5581&gt;
<http://lists.apple.com/archives/security-announce/2012/Nov/msg00002.html&gt;

Limitations

This exploit has been tested against Apple Quicktime 7.7.2 on Microsoft Windows XP SP3 English (DEP OptIn).

The user with the vulnerable version of QuickTime must open a specially crafted TeXML file in Internet Explorer 7.

Platforms

Windows

Related

nvd 1
cve 1
packetstorm 1
prion 1
saint 3
cvelist 1
checkpoint_advisories 1
nessus 3
seebug 1
openvas 2
securityvulns 2
threatpost 1
nvd
nvd
CVE-2012-3752
2012-11-09 19:55:01
cve
cve
CVE-2012-3752
2012-11-09 19:55:01
packetstorm
packetstorm
Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
2012-11-26 00:00:00
prion
prion
Buffer overflow
2012-11-09 19:55:00
saint
saint
Apple QuickTime TeXML Style Element Buffer Overflow
2012-12-24 00:00:00
Apple QuickTime TeXML Style Element Buffer Overflow
2012-12-24 00:00:00
Apple QuickTime TeXML Style Element Buffer Overflow
2012-12-24 00:00:00
cvelist
cvelist
CVE-2012-3752
2012-11-09 19:00:00
checkpoint_advisories
checkpoint_advisories
Apple QuickTime TeXML Style Element Text Specification Buffer Overflow (CVE-2012-3752)
2012-12-16 00:00:00
nessus
nessus
QuickTime < 7.7.3 Multiple Vulnerabilities (Windows)
2012-11-16 00:00:00
QuickTime < 7.7.3 Multiple Vulnerabilities (Windows)
2012-11-12 00:00:00
QuickTime < 7.7.3 Multiple Vulnerabilities (Windows)
2012-11-16 00:00:00
seebug
seebug
Apple QuickTime 7.7.3δΉ‹ε‰η‰ˆζœ¬ε€šδΈͺδ»»ζ„δ»£η ζ‰§θ‘ŒζΌζ΄ž
2012-11-09 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities - Nov12 (Windows)
2012-11-09 00:00:00
Apple QuickTime Multiple Vulnerabilities (Nov 2012) - Windows
2012-11-09 00:00:00
securityvulns
securityvulns
APPLE-SA-2012-11-07-1 QuickTime 7.7.3
2012-11-09 00:00:00
Apple QuickTime multiple security vulnerabilities
2012-11-09 00:00:00
threatpost
threatpost
Apple Fixes Critical Flaws in QuickTime 7.7.3
2012-11-08 16:53:48

0.97 High

EPSS

Percentile

99.8%

JSON
Related for SAINT:A2F898DB169D6F63A2F792402A8787E7
nvd1cve1packetstorm1prion1saint3cvelist1checkpoint_advisories1nessus3seebug1openvas2securityvulns2threatpost1