ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability

ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-007 January 21, 2009 -- CVE ID: CVE-2009-2006 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint IP...

ZDI-09-005: Apple QuickTime VR Track Header Atom Heap Corruption Vulnerability

ZDI-09-005: Apple QuickTime VR Track Header Atom Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-005 January 21, 2009 -- CVE ID: CVE-2009-0002 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint...

ZDI-09-008: Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability

ZDI-09-008: Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-008 January 21, 2009 -- CVE ID: CVE-2009-0007 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint IPS...

gstreamer-plugins-good -- multiple memory overflows

Secunia reports: Tobias Klein has reported some vulnerabilities in GStreamer Good Plug-ins, which can potentially be exploited by malicious people to compromise a vulnerable system. A boundary error occurs within the "qtdemuxparsesamples" function in gst/gtdemux/qtdemux.c when performing QuickTim...

QuickTime < 7.6 Multiple Vulnerabilities (Windows)

The version of QuickTime installed on the remote Windows host is older than 7.6. Such versions contain several vulnerabilities : - A heap-based buffer overflow in QuickTime's handling of RTSP URLs may lead to an application crash or arbitrary code execution. CVE-2009-0001 - A heap-based buffer...

QuickTime < 7.6 Multiple Vulnerabilities (Mac OS X)

The version of QuickTime installed on the remote Mac OS X host is older than 7.6. Such versions contain several vulnerabilities : - A heap buffer overflow in QuickTime's handling of RTSP URLs may lead to an application crash or arbitrary code execution. CVE-2009-0001 - A heap buffer overflow in...

Memory corruption

Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a crafted H.263 encoded movie file that triggers memory corruption...

Buffer overflow

Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a crafted MP3 audio file...

Heap overflow

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the WAVEFORMATEX structure...

Heap overflow

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms...

Heap overflow

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a QuickTime movie file containing invalid image width data in JPEG atoms within STSD atoms...

Integer overflow

Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow...

Heap overflow

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a crafted RTSP URL...

CVE-2009-0005

Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a crafted H.263 encoded movie file that triggers memory corruption...

CVE-2009-0004

Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a crafted MP3 audio file...

CVE-2009-0007

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a QuickTime movie file containing invalid image width data in JPEG atoms within STSD atoms...

CVE-2009-0001

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a crafted RTSP URL...

CVE-2009-0002

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms...

CVE-2009-0003

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the WAVEFORMATEX structure...

CVE-2009-0006

Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service application termination and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow...