180 matches found
Apple QuickTime FlashPix Movie File Integer Overflow (CVE-2010-0519)
Apple QuickTime is a multimedia player that supports a wide range of media formats. The software supports the parsing and displaying of image files as well as numerous audio/video formats. One of the image file formats supported by QuickTime is the FlashPix format. FlashPix is a bitmapped compute...
ZDI-10-043: Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability
ZDI-10-043: Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-043 April 2, 2010 -- CVE ID: CVE-2010-0519 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection:...
Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of a...
QuickTime < 7.6.6 Multiple Vulnerabilities (Windows)
The version of QuickTime installed on the remote Windows host is older than 7.6.6. Such versions contain several vulnerabilities : - A heap-based buffer overflow in QuickTime's handling of PICT images may lead to an application crash or arbitrary code execution. CVE-2009-2837 - A memory corruptio...
QuickTime < 7.6.6 Multiple Vulnerabilities (Mac OS X)
The version of QuickTime installed on the remote Mac OS X host is older than 7.6.6. Such versions contain several vulnerabilities : - A memory corruption issue in QuickTime's handling of QDM2 encoded audio content may lead to an application crash or arbitrary code execution. CVE-2010-0059 - A...
CVE-2010-0519
Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a FlashPix image with a malformed SubImage Header Stream containing a NumberOfTiles field with a large value...
Integer overflow
Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a FlashPix image with a malformed SubImage Header Stream containing a NumberOfTiles field with a large value...
CVE-2010-0519
The CVE-2010-0519 issue affects Apple QuickTime on Mac OS X prior to 10.6.3, where an integer overflow in handling FlashPix-encoded content (NumberOfTiles) can lead to arbitrary code execution or a denial of service. The vulnerability is triggered by a malformed SubImage Header Stream in a FlashP...
Apple QuickTime FlashPix File Buffer Overflow (CVE-2009-2798)
Apple's QuickTime is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files as well as numerous audio/video formats. One of the image file formats supported by QuickTime is the FlashPix image format. A heap buffer overflow...
Apple QuickTime multiple security vulnerabilities
Buffer overflow on MPEG-4, H.264 and FlashPix data parsing...
About the security content of QuickTime 7.6.4
About the security content of QuickTime 7.6.4 Last Modified: September 09, 2009 Article: HT3859 Summary This document describes the security content of QuickTime 7.6.4. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has...
Apple QuickTime Multiple Vulnerabilities - Sep09
The host is installed with Apple QuickTime and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodapplequicktimemultvulnsep09.nasl 5055 2017-01-20 14:08:39Z teissa $ Apple QuickTime Multiple Vulnerabilities - Sep09 Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod,...
ZDI-09-064: Apple QuickTime FlashPix Sector Size Overflow Vulnerability
ZDI-09-064: Apple QuickTime FlashPix Sector Size Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-064 September 10, 2009 -- CVE ID: CVE-2009-2798 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint IPS...
Apple QuickTime Multiple Vulnerabilities (Sep 2009)
Apple QuickTime is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:quicktime";...
CVE-2009-2798
Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted FlashPix file...
Heap overflow
Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted FlashPix file...
CVE-2009-2798
Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted FlashPix file...
CVE-2009-2798
CVE-2009-2798 describes a heap-based buffer overflow in Apple QuickTime before 7.6.4 triggered by parsing a crafted FlashPix (.fpx) file. The flaw occurs during handling of sector-related fields, where multiplication of two 32-bit values leads to an undersized heap allocation, allowing a remote a...
Apple QuickTime FlashPix Sector Size Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of...
QuickTime < 7.6.4 Multiple Vulnerabilities (Mac OS X)
The version of QuickTime installed on the remote Mac OS X host is older than 7.6.4. Such versions contain several vulnerabilities : - A memory corruption issue in QuickTime's handling of H.264 movie files may lead to an application crash or arbitrary code execution. CVE-2009-2202 - A buffer...