quickitunes-oveflow.txt

Quicktime7.5.5/Itunes 8.0 Remote Heap Overflow Crash Vendor: http://www.apple.com/ Risk : high The "" tag fail to handle long strings, which can lead to a heap overflow in Quicktime/Itunes media player. This bug can be remote or local, Quicktime/Itunes parse any supplied file for a reconized head...

QuickTime 7.5.5 / ITunes 8.0 Remote Heap Overflow Crash Exploit

No description provided by source. Quicktime7.5.5/Itunes 8.0 Remote Heap Overflow Crash Vendor: http://www.apple.com/ Risk : high The "? quicktime type= ?" tag fail to handle long strings, which can lead to a heap overflow in Quicktime/Itunes media player. This bug can be remote or local,...

Apple QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash

Quicktime7.5.5/Itunes 8.0 Remote Heap Overflow Crash Vendor: http://www.apple.com/ Risk : high The "" tag fail to handle long strings, which can lead to a heap overflow in Quicktime/Itunes media player. This bug can be remote or local, Quicktime/Itunes parse any supplied file for a reconized head...

QuickTime 7.5.5 / ITunes 8.0 Remote off by one Crash Exploit

No description provided by source. Quicktime7.5.5/Itunes 8.0 Remote Heap Overflow Crash Vendor: http://www.apple.com/ Risk : high The "? quicktime type= ?" tag fail to handle long strings, which can lead to a heap overflow in Quicktime/Itunes media player. This bug can be remote or local,...

Apple QuickTime 7.5.5 iTunes 8.0 - Remote Off-by-One Crash

Apple QuickTime 7.5.5 iTunes 8.0 - Remote Off-by-One Crash Quicktime7.5.5/Itunes 8.0 Remote Heap Overflow Crash Vendor: http://www.apple.com/ Risk : high The "" tag fail to handle long strings, which can lead to a heap overflow in Quicktime/Itunes media player. This bug can be remote or local,...

QuickTime 7.5.5 / ITunes 8.0 Remote off by one Crash Exploit

Exploit for multiple platform in category dos / poc ============================================================ QuickTime 7.5.5 / ITunes 8.0 Remote off by one Crash Exploit ============================================================ Quicktime7.5.5/Itunes 8.0 Remote Heap Overflow Crash Vendor:...

Apple QuickTime multiple security vulnerabilities

Integer overflow on PICT parsing, memory corruptions on STSZ, MDAT and H.264 parsing. Buffer overflows on AVC1 and Panorama PDAT parsing...

Critical Vulnerability in Apple Quicktime’s Indeo Codec

http://www.ngssoftware.com/advisories/critical-vulnerability-in-apple-quicktimes-indeo-codec/ Paul Byrne of NGSSoftware has discovered a critical vulnerability in Apple Quicktime's implementation of the Indeo Codec CVE-ID: CVE-2008-3615 which may allow an attacker to execute arbitrary code on a...

ZDI-08-057: Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability

ZDI-08-057: Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-057 September 9, 2008 -- CVE ID: CVE-2008-3635 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- Vulnerability Details: This vulnerability allows...

CVE-2008-3624

Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a QuickTime Virtual Reality QTVR movie file with crafted panorama atoms...

CVE-2008-3627

Apple QuickTime before 7.5.5 does not properly handle 1 MDAT atoms in MP4 video files within QuickTimeH264.qtx, 2 MDAT atoms in mov video files within QuickTimeH264.scalar, and 3 AVC1 atoms in an unknown media type within an unspecified component, which allows remote attackers to execute arbitrar...

CVE-2008-3628

Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PICT image, related to an "invalid pointer issue."...

CVE-2008-3614

Integer overflow in Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PICT image, which triggers heap corruption...

CVE-2008-3615

ir5032.qtx in an unspecified third-party Indeo v5 codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, accesses uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file...

CVE-2008-3625

Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a QuickTime Virtual Reality QTVR movie file with crafted 1 maxTilt, 2 minFieldOfView, and 3 maxFieldOfView elements in panorama track PD...

CVE-2008-3626

The CallComponentFunctionWithStorage function in Apple QuickTime before 7.5.5 does not properly handle a large entry in the samplesizetable in STSZ atoms, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted mov...

CVE-2008-3629

Apple QuickTime before 7.5.5 allows remote attackers to cause a denial of service application crash via a crafted PICT image that triggers an out-of-bounds read...

CVE-2008-3635

Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 aka IV32 codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted...

Code injection

ir5032.qtx in an unspecified third-party Indeo v5 codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, accesses uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file...

Heap overflow

Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a QuickTime Virtual Reality QTVR movie file with crafted panorama atoms...