Design/Logic Flaw

QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file...

CVE-2011-0224

CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted QuickTime movie file...

CVE-2011-3220

QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file...

CVE-2011-3221

QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted file...

CVE-2011-3223

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted FLIC movie file...

CVE-2011-3228

QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted movie file...

CVE-2011-3222

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted FlashPix file...

CVE-2011-3218

The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting XSS attacks by spoofing the http server during local viewing of an exported...

CVE-2011-3228

CVE-2011-3228 is part of Apple QuickTime multiple vulnerabilities affecting QuickTime in Windows and macOS. The vulnerability arises from memory corruption in QuickTime’s handling of movie files, leading to remote code execution or a crash. In macOS, affected versions include OS X prior to 10.7.2...

CVE-2011-3223

CVE-2011-3223 affects Apple QuickTime. The vulnerability resides in QuickTime’s FLIC/FLIC movie decoding, specifically the FLC RLE packet handling, where an out-of-bounds write during decompression can lead to remote code execution. Exploitation requires the user to view a malicious file or page,...

CVE-2011-3222

The CVE refers to a buffer overflow in Apple QuickTime for OS X prior to 10.7.2, triggered by a crafted FlashPix file. A remote attacker could execute arbitrary code or cause an application crash. Affected product: Apple QuickTime on macOS X versions earlier than 10.7.2 (OS X Lion). Underlying ca...

CVE-2011-3221

CVE-2011-3221 affects Apple QuickTime, specifically the parsing of the atom hierarchy in QuickTime movie files. The issue allows remote execution of code in vulnerable installations of QuickTime Player on macOS X prior to 10.7.2 (and related QuickTime components), when a user opens a crafted file...

CVE-2011-3220

CVE-2011-3220 affects Apple QuickTime. The flaw is an uninitialized memory access in how QuickTime handles URL data handlers within movie files, allowing remote attackers to read memory contents via a crafted file. The issue is tied to QuickTime's atom data handling and can lead to memory disclos...

CVE-2011-3218

CVE-2011-3218 affects Apple QuickTime (Mac OS X up to 10.6.8). The vulnerability is in QuickTime Player’s Save for Web export, where exported HTML documents can reference an HTTP script file. An attacker controlling a local or networked environment could spoof the HTTP server during local viewing...

CVE-2011-0224

CVE-2011-0224 affects Apple Mac OS X up to 10.6.8, due to memory corruption in CoreMedia/QuickTime when handling crafted movie files. This can allow remote arbitrary code execution or a denial of service. The issue is addressed by Apple’s security updates (Security Update 2011-006; OS X 10.7.2 an...

Apple Mac OS X FlashPix文件CVE-2011-3222缓冲区溢出漏洞

Bugtraq ID: 50100 CVE ID：CVE-2011-3222 Apple Mac OS X是苹果公司发布的操作系统。 QuickTime处理FlashPix文件存在缓冲区溢出，构建特制的FLashPix文件可导致未明的应用程序终止或任意代码执行。 Apple Mac OS X Server 10.6.6 Apple Mac OS X Server 10.6.5 Apple Mac OS X Server 10.6.5 Apple Mac OS X Server 10.6.4 Apple Mac OS X Server 10.6.3 Apple Mac OS X Serve...

Apple Ships Mammoth Security Update for OS X

Apple released OS X Lion v10.7.2 yesterday along with an absolutely enormous security update that patches some 80 bugs in the various iterations of Apple’s operating system. One of the patches fixes a highly critical vulnerability that enables an attacker to run code on a remote machine with a...

Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.2. This version contains numerous security-related fixes for the following components : - Apache - Application Firewall - ATS - BIND - Certificate Trust Policy - CFNetwork - CoreMedia - CoreProcesses - CoreStorage - Fil...

Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)

This host is missing an important security update according to Mac OS X 10.6.5 Update/Mac OS X Security Update 2010-007 OpenVAS Vulnerability Test $Id: gbmacosxsu10-007.nasl 7052 2017-09-04 11:50:51Z teissa $ Mac OS X v10.6.4 Multiple Vulnerabilities 2010-007 Authors: Madhuri D Copyright: Copyrig...

CVE-2011-0258

Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted image description associated with an mp4v tag in a movie file...