Cross site scripting

The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect...

Memory corruption

QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted JPEG2000 image...

CVE-2011-0186

QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted JPEG2000 image...

CVE-2011-0187

The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect...

CVE-2011-0187

CVE-2011-0187 affects Mac OS X via the CoreMedia/QuickTime path: a cross-origin redirect in CoreMedia could bypass Same Origin Policy and allow access to potentially sensitive video data. The public details in connected docs indicate this is tied to OS X Lion/QuickTime/CoreMedia components, with ...

CVE-2011-0186

CVE-2011-0186 affects Apple QuickTime on Mac OS X, where memory corruption in JPEG2000 handling could allow remote arbitrary code execution or a crash. The issue is tied to QuickTime’s JPEG2000 processing and is listed with a base score of 4.3 (Medium). Public docs indicate that Apple addressed r...

Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.7. Mac OS X 10.6.7 contains security fixes for the following products : - AirPort - Apache - AppleScript - ATS - bzip2 - CarbonCore - ClamAV - CoreText - File Quarantine - HFS - ImageIO - Image RAW - Installer - Kerbero...

Mac OS X 10.6 < 10.6.7 Multiple Vulnerabilities

Binary data 800796.prm...

QuickTime Player v 7.5.x (m3u) Stack Buffer Overflow

Exploit for windows platform in category local exploits !/usr/bin/perl Title : QuickTime Player v 7.5.x m3u Stack Buffer Overflow Author : KedAns-Dz E-mail : email protected Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : Windows Impact : Remote...

QuickTime Player 7.5.x Buffer Overflow

!/usr/bin/perl Title : QuickTime Player v 7.5.x m3u Stack Buffer Overflow Author : KedAns-Dz E-mail : [email protected] Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : Windows Impact : Remote Access and BOF Tested on : Windows XP SP3 Français Targe...

Apple QuickTime 7.5 - .m3u Remote Stack Buffer Overflow

Apple QuickTime 7.5 - .m3u Remote Stack Buffer Overflow source: https://www.securityfocus.com/bid/46799/info Apple QuickTime is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to...

Apple QuickTime 7.5 - &#039;.m3u&#039; Remote Stack Buffer Overflow

source: https://www.securityfocus.com/bid/46799/info Apple QuickTime is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code in the context of the affected...

ZDI-11-038: Apple Quicktime Sprite Transformation Remote Code Execution Vulnerability

ZDI-11-038: Apple Quicktime Sprite Transformation Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-038 February 1, 2011 -- CVE ID: CVE-2010-3790 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple Quicktime --...

Apple Quicktime Sprite Transformation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

SuSE 10 Security Update : Xine (ZYPP Patch Number 6229)

This update of xine-lib fixes an integer overflow in the qterror parsetrakatom function in that leads to a heap-based overflow and allows remote attackers to execute arbitrary code via a malformed Quicktime movie file. CVE-2009-1274 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...

Apple QuickTime 7.6.6 - Invalid SMIL URI Buffer Overflow (Metasploit)

$Id: applequicktimesmildebug.rb 11513 2011-01-08 00:25:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Apple QuickTime 7.6.7 - _Marshaled_pUnk Code Execution (Metasploit)

$Id: applequicktimemarshaledpunk.rb 11513 2011-01-08 00:25:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

QuickTime Picture Viewer 7.6.6 JP2000 Denial of Service Vulnerability

Exploit for windows platform in category dos / poc done by BraniX www.hackers.org.pl found: 2010.08.18 published: 2010.12.27 tested on: Windows XP SP3 Home Edition App: QuickTime PictureViewer 7.6.6 DoS, Access Violation Exception PictureViewer.exe MD5: B2859391D32DBBFCE00FD2F641863954 filepath =...

QuickTime Picture Viewer 7.6.6 Denial Of Service

done by BraniX www.hackers.org.pl found: 2010.08.18 published: 2010.12.27 tested on: Windows XP SP3 Home Edition App: QuickTime PictureViewer 7.6.6 DoS, Access Violation Exception PictureViewer.exe MD5: B2859391D32DBBFCE00FD2F641863954 filepath = "C:\QuickTime PictureViewer 7.6.6 JP2000 DoS.jp2" ...

QuickTime Picture Viewer 7.6.6 JP2000 - Denial of Service

QuickTime Picture Viewer 7.6.6 JP2000 - Denial of Service done by BraniX www.hackers.org.pl found: 2010.08.18 published: 2010.12.27 tested on: Windows XP SP3 Home Edition App: QuickTime PictureViewer 7.6.6 DoS, Access Violation Exception PictureViewer.exe MD5: B2859391D32DBBFCE00FD2F641863954...