3024 matches found
CVE-2008-3624
CVE-2008-3624 describes a heap-based buffer overflow in Apple QuickTime before 7.5.5 triggered by crafted QTVR panorama atoms in QuickTime movie files. The vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (application crash). Affected product is QuickTi...
CVE-2008-3615
CVE-2008-3615 affects Apple QuickTime on Windows due to an uninitialized memory access in the third‑party Indeo v5 codec (ir50_32.qtx). A crafted movie file can trigger remote code execution or cause a denial of service (crash). The issue is mitigated by updating to QuickTime 7.5.5 or later (as r...
CVE-2008-3614
Apple QuickTime for Windows before 7.5.5 is vulnerable to an integer overflow in PICT parsing, causing heap corruption that can enable remote code execution or an application crash when presented with a crafted PICT image. Affected product: QuickTime on Windows; root cause: heap corruption from P...
CVE-2008-3635
Apple QuickTime CVE-2008-3635 is a stack-based buffer overflow in QuickTimeInternetExtras.qtx when parsing Indeo v3.2 (IV32) in QuickTime on Windows prior to 7.5.5. The flaw arises from missing bounds checking in the IV32 codec parsing, allowing remote code execution or a crash via a crafted movi...
QuickTime < 7.5.5 Multiple Vulnerabilities
Binary data 4651.prm...
ZDI-08-061: Apple QuickTime Player H.264 Parsing Heap Corruption Vulnerability
ZDI-08-061: Apple QuickTime Player H.264 Parsing Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-061 September 9, 2008 -- CVE ID: CVE-2008-3627 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- Vulnerability Details: This vulnerability allows...
ZDI-08-058: Apple QuickTime Panorama PDAT Atom Parsing Buffer Overflow Vulnerability
ZDI-08-058: Apple QuickTime Panorama PDAT Atom Parsing Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-058 September 9, 2008 -- CVE ID: CVE-2008-3625 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection:...
iDefense Security Advisory 09.09.08: Apple QuickTime PICT Integer Overflow Vulnerability
iDefense Security Advisory 09.09.08 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 09, 2008 I. BACKGROUND Quicktime is Apple's media player product, and is used to render video and other media. The PICT file format was developed by Apple Inc. in 1984. PICT files can contain both objec...
ZDI-08-062: Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnerability
ZDI-08-062: Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-062 September 9, 2008 -- CVE ID: CVE-2008-3627 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- Vulnerability Details: This vulnerability allows...
ZDI-08-059: Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability
ZDI-08-059: Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-059 September 9, 2008 -- CVE ID: CVE-2008-3626 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint IP...
ZDI-08-060: Apple QuickTime AVC1 Atom Parsing Heap Overflow Vulnerability
ZDI-08-060: Apple QuickTime AVC1 Atom Parsing Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-060 September 9, 2008 -- CVE ID: CVE-2008-3627 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint IPS...
QuickTime < 7.5.5 Multiple Vulnerabilities (Windows)
The version of QuickTime installed on the remote Windows host is older than 7.5.5. Such versions contain several vulnerabilities : - An integer overflow in QuickTime's handling of PICT images may lead to an application crash or arbitrary code execution CVE-2008-3614. - An uninitialized memory...
QuickTime < 7.5.5 Multiple Vulnerabilities (Mac OS X)
The version of QuickTime installed on the remote Mac OS X host is older than 7.5.5. Such versions contain several vulnerabilities : - Heap and stack-based buffer overflows in the handling of panorama atoms in QTVR QuickTime Virtual Reality movie files could lead to an application crash or arbitra...
Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of STSZ...
Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of QuickTim...
Apple QuickTime AVC1 Atom Parsing Heap Overflow Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of AVC1...
Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of mov...
Apple QuickTime Player H.264 Parsing Heap Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of MP4...
FreeBSD Ports: firefox
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: DarwinStreamingServer
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...