3024 matches found
CVE-2011-0249
Apple QuickTime (before 7.7) is affected by a heap-based buffer overflow in the STSC atom handling in QuickTime movie files, allowing remote code execution or a denial of service. The CVE-2011-0249 flaw is triggered when a crafted STSC atom causes memory corruption during parsing, as documented b...
CVE-2011-0248
CVE-2011-0248 : Stack-based buffer overflow in the QuickTime ActiveX control of Apple QuickTime on Windows (pre-7.7) when using Internet Explorer, exploitable via a crafted QTL file to execute arbitrary code or cause a crash. The connected Red Hat (RH:CVE-2011-0248) and ZDI advisories describe th...
CVE-2011-0247
CVE-2011-0247 relates to multiple stack-based buffer overflows in Apple QuickTime on Windows, caused by improper bounds checking while parsing H.264 movie data. Exploitation allows remote arbitrary code execution or a crash (denial of service). Affected product is Apple QuickTime (Windows), with ...
CVE-2011-0246
CVE-2011-0246 refers to a heap-based buffer overflow in Apple QuickTime on Windows prior to version 7.7, triggered by processing a crafted GIF file. The vulnerability can allow remote code execution or cause an application crash (DoS). The NVD entry confirms the GIF-based overflow as the vector, ...
CVE-2011-0245
Apple QuickTime prior to version 7.7 is affected by a buffer overflow in the handling of pict files, allowing remote code execution or denial of service. Affected component: QuickTime (Windows/Mac). Root cause: buffer overflow when parsing pict data. Impact: arbitrary code execution or applicatio...
QuickTime < 7.7 Multiple Vulnerabilities
Binary data 801184.prm...
QuickTime < 7.7 Multiple Vulnerabilities
Binary data 6000.prm...
QuickTime < 7.7 Multiple Vulnerabilities (Windows)
The version of QuickTime installed on the remote Windows host is older than 7.7. As such, it reportedly may be affected by the following vulnerabilities : - A buffer overflow in QuickTime's handling of pict files may lead to an application crash or arbitrary code execution. CVE-2011-0245 - A buff...
QuickTime < 7.7 Multiple Vulnerabilities (Mac OS X)
The version of QuickTime installed on the remote Mac OS X host is older than 7.7. As such, it reportedly may be affected by the following vulnerabilities : - A buffer overflow in QuickTime's handling of pict files may lead to an application crash or arbitrary code execution. CVE-2011-0245 - A...
Apple Releases QuickTime 7.7
Apple has released QuickTime 7.7 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple Support Article HT4826 and apply any necessary updates to...
ZDI-11-230: Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability
ZDI-11-230: Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-230 June 29, 2011 -- CVE ID: CVE-2011-0211 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple Quicktim...
Apple QuickTime multiple security vulnerabilities
Memory corruptions on MPEG, Sorenson, AVI, JP2, FlashPix, GIF, PICT, QTVR and another video formats parsing...
ZDI-11-229: Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability
ZDI-11-229: Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-229 June 29, 2011 -- CVE ID: CVE-2011-0209 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple Quicktime --...
ZDI-11-231: Apple QuickTime Pict File Matrix Parsing Remote Code Execution Vulnerability
ZDI-11-231: Apple QuickTime Pict File Matrix Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-231 June 29, 2011 -- CVE ID: CVE-2010-3790 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple Quicktime --...
ZDI-11-229: Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability
ZDI-11-229: Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-229 June 29, 2011 -- CVE ID: CVE-2011-0209 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple Quicktime --...
Apple QuickTime Pict File Matrix Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...
Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...
Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...
CVE-2011-0209
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted RIFF WAV file...
CVE-2011-0213
Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted JPEG file...