3024 matches found
CVE-2011-0256
Apple QuickTime contains an integer overflow in the handling of the TRUN atom (sampleCount) that can be triggered by crafted track run atoms in QuickTime movie files, impacting QuickTime before version 7.7. Exploitation could allow remote code execution or a denial of service (application crash) ...
Apple QuickTime PICT文件栈缓冲区溢出漏洞
Bugtraq ID: 49144 CVE ID:CVE-2011-0257 Apple QuickTime是一款流行的多媒体播放器。 Apple QuickTime处理PnSize PICT代码存在缺陷。它把无符号的16位值转换为32位值,此值之后用于内存拷贝函数的大小参数,用于把文件拷贝到栈中。结果可导致基于栈的缓冲区溢出,允许以当前用户上下文执行任意代码。 Apple QuickTime Player 7.6.8 Apple QuickTime Player 7.6.7 Apple QuickTime Player 7.6.6 1671 Apple QuickTime Player...
ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability
ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-250 August 9, 2011 -- CVE ID: CVE-2011-0252 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- Vulnerability Details...
ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability
ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-251 August 9, 2011 -- CVE ID: CVE-2011-0250 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointT...
Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...
CentOS Update for gstreamer-plugins CESA-2009:0270 centos4 i386
Check for the Version of gstreamer-plugins OpenVAS Vulnerability Test CentOS Update for gstreamer-plugins CESA-2009:0270 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute i...
CentOS Update for gstreamer-plugins CESA-2009:0269 centos3 i386
Check for the Version of gstreamer-plugins OpenVAS Vulnerability Test CentOS Update for gstreamer-plugins CESA-2009:0269 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute i...
Apple QuickTime STTS atom Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...
CentOS Update for gstreamer-plugins CESA-2009:0269 centos3 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for gstreamer-plugins CESA-2009:0270 centos4 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...
Apple QuickTime存在多个安全漏洞
CVE ID:CVE-2011-0186 CVE-2011-0187 CVE-2011-0209 CVE-2011-0210 CVE-2011-0211 CVE-2011-0213 CVE-2011-0245 CVE-2011-0246 CVE-2011-0247 CVE-2011-0248 CVE-2011-0249 CVE-2011-0250 CVE-2011-0251 CVE-2011-0252 Apple QuickTime是一款流行的多媒体播放器。 Apple QuickTime存在多个安全漏洞,允许攻击者进行拒绝服务,任意代码执行等攻击。 1Quick...
APPLE-SA-2011-08-03-1 QuickTime 7.7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-08-03-1 QuickTime 7.7 QuickTime 7.7 is now available and addresses the following: QuickTime Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted pict file may...
CVE-2011-0247
Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted H.264 movie...
CVE-2011-0249
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted STSC atoms in a QuickTime movie file...
CVE-2011-0250
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted STSS atoms in a QuickTime movie file...
CVE-2011-0251
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted STSZ atoms in a QuickTime movie file...
CVE-2011-0252
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted STTS atoms in a QuickTime movie file...
CVE-2011-0248
Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted QTL file...
CVE-2011-0245
Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted pict file...