Design/Logic Flaw

Array index error in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted Sync Sample aka stss atom da...

Heap overflow

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample ctts atom data in a malformed QuickTime medi...

PYSEC-2009-14

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample ctts atom data in a malformed QuickTime medi...

CVE-2009-0386

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample ctts atom data in a malformed QuickTime medi...

CVE-2009-0387

Array index error in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted Sync Sample aka stss atom da...

PYSEC-2009-15

Array index error in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted Sync Sample aka stss atom da...

CVE-2009-0386

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample ctts atom data in a malformed QuickTime medi...

CVE-2009-0386

GStreamer Good Plug-ins 0.10.9–0.10.11 are affected by a heap-based buffer overflow in qtdemux_parse_samples() when parsing QuickTime .mov files, via crafted ctts atom data, leading to remote code execution. Remediation documented across multiple advisories: upgrade to newer versions (Red Hat RHS...

CVE-2009-0387

Array index error in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted Sync Sample aka stss atom da...

CVE-2009-0387

Affects GStreamer Good Plugins (gst-plugins-good) versions 0.10.9–0.10.11, with the root cause in qtdemux_parse_samples() in gst/qtdemux/qtdemux.c. Remote attackers could crash the application and potentially execute code by crafting QuickTime (mov) Sync Sample (stss) atom data, related to “mark ...

CVE-2009-0386

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample ctts atom data in a malformed QuickTime medi...

Apple QuickTime Multiple Vulnerabilities - Jan09 (Windows)

The host is installed with Apple QuickTime and is prone to Multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: secpodapplequicktimemultvulnjan09win.nasl 6519 2017-07-04 14:08:14Z cfischer $ Apple QuickTime Multiple Vulnerabilities - Jan09 Windows Authors: Chandan S Copyright: Copyright c 20...

Apple QuickTime multiple security vulnerabilities

Memory corruptions on Cinepak, VR Track, STSD, AVI parsing...

US-CERT Technical Cyber Security Alert TA09-022A -- Apple QuickTime Updates for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA09-022A Apple QuickTime Updates for Multiple Vulnerabilities Original release date: January 22, 2009 Last revised: -- Source: US-CERT Systems Affected Apple QuickTime 7.5 for Windows and Mac...

Apple QuickTime Multiple Vulnerabilities (Jan 2009) - Windows

Apple QuickTime is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:quicktime";...

CVE-2009-0008

Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service application crash or execute arbitrary code via a crafted MPEG-2 movie...

CVE-2009-0008

The CVE-2009-0008 issue affects Apple QuickTime MPEG-2 Playback Component (Windows) prior to version 7.60.92.0. Documents describe a vulnerability where processing a crafted MPEG-2 movie can cause an application crash (DoS) or allow remote code execution. Exploitation described in sources indicat...

CVE-2009-0008

Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service application crash or execute arbitrary code via a crafted MPEG-2 movie...

QuickTime < 7.6 Multiple Vulnerabilities

Binary data 4817.prm...

ZDI-09-006: Apple QuickTime AVI Header nBlockAlign Heap Corruption Vulnerability

ZDI-09-006: Apple QuickTime AVI Header nBlockAlign Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-006 January 21, 2009 -- CVE ID: CVE-2009-0003 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoin...