Apple QuickTime rnet Box Parsing Heap Buffer Overflow - Improved Performance (CVE-2012-3756)

A heap buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to a bounds-checking error while parsing QuickTime reference movie files. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted QuickTime movie fi...

Apple Fixes OS X Flaw That Allowed Java Apps to Run With Plugin Disabled

Apple on Thursday released a large batch of security fixes for its OS X operating system, one of which patches a flaw that allowed Java Web Start applications to run even when users had Java disabled in the browser. OS X 10.8.3 fixes 21 total vulnerabilities, and also includes a new version of th...

Mac OS X Multiple Vulnerabilities (Security Update 2013-001)

The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-001 applied. This update contains numerous security-related fixes for the following components : - Apache - CoreTypes 10.7 only - International Components for Unicode - Identity Services 10.7 onl...

Mac OS X 10.8.x < 10.8.3 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.3. The newer version contains multiple security-related fixes for the following components : - Apache - CoreTypes - International Components for Unicode - Identity Services - ImageIO - IOAcceleratorFamily - Kernel - Log...

Apple QuickTime ActiveX Control Clear Method Use-After-Free (CVE-2012-3754)

A use-after-free vulnerability has been reported in Apple QuickTime's ActiveX control...

Apple QuickTime MPEG Stream Padding Code Execution (CVE-2012-0659)

A buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to a heap-based buffer overflow when calculating the padding for an MPEG sample. A remote attacker can exploit this issue by enticing a target user to open a specially crafted MPEG-2 file. Successful...

Apple QuickTime rnet Box Parsing Heap Buffer Overflow (CVE-2012-3756)

A heap buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to a bounds-checking error while parsing QuickTime reference movie files. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted QuickTime movie fi...

Apple QuickTime TeXML Style Element Buffer Overflow

Added: 12/24/2012 CVE: CVE-2012-3752 BID: 56557 OSVDB: 87087 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.2 and earlier is vulnerable to remote code execution due to a failure to perform appropriate boundary checking. A remote attacker who...

Apple QuickTime TeXML Style Element Buffer Overflow

Added: 12/24/2012 CVE: CVE-2012-3752 BID: 56557 OSVDB: 87087 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.2 and earlier is vulnerable to remote code execution due to a failure to perform appropriate boundary checking. A remote attacker who...

Apple QuickTime TeXML Style Element Buffer Overflow

Added: 12/24/2012 CVE: CVE-2012-3752 BID: 56557 OSVDB: 87087 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.2 and earlier is vulnerable to remote code execution due to a failure to perform appropriate boundary checking. A remote attacker who...

Apple QuickTime TeXML Style Element Buffer Overflow

Added: 12/24/2012 CVE: CVE-2012-3752 BID: 56557 OSVDB: 87087 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.2 and earlier is vulnerable to remote code execution due to a failure to perform appropriate boundary checking. A remote attacker who...

Memory Corruption in QuickTime Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Apple QuickTime software version 7.7.2 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...

Apple QuickTime Targa File Buffer Overflow (CVE-2012-3755)

A buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to a bounds-checking error. A remote attacker can exploit this vulnerability by enticing a user to process a specially crafted Targa file. Successful exploitation may lead to arbitrary code execution...

Apple QuickTime TeXML Style Element Text Specification Buffer Overflow (CVE-2012-3752)

A buffer overflow vulnerability has been reported in Apple QuickTime...

Apple Patches Nine Vulnerabilities in QuickTime 7.7.3 Update

Apple shipped fixes for nine vulnerabilities in its QuickTime multimedia platform. The QuickTime 7.7.3 update resolves bugs for Windows 7, Vista, and XP service pack 2 and later. The first two patches, discovered by IBM X-Force’s Mark Yason and Microsoft’s Jeremy brown respectively, resolve a...

Apple QuickTime 7.7.2 MIME Type Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 OperatingSystems::WINDOWS, :uaname =...

Apple QuickTime 7.7.2 MIME Type Buffer Overflow Vulnerability

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

Apple QuickTime 7.7.2 - MIME Type Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 OperatingSystems::WINDOWS, :uaname =...

Apple QuickTime 7.7.2 MIME Type Buffer Overflow

This module exploits a buffer overflow in Apple QuickTime 7.7.2. The stack based overflow occurs when processing a malformed Content-Type header. The module has been tested successfully on Safari 5.1.7 and 5.0.7 on Windows XP SP3. This module requires Metasploit: https://metasploit.com/download...

Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 OperatingSystems::WINDOWS, :javascript...