QuickTime 7.4.1 - 'QTPlugin.ocx' Multiple Stack Overflow Vulnerabilities

Application: QuickTime sub test bar = String515305, "A" foo.SetBgColor bar End Sub ===== 5Credits ===== laurent gaffié laurent.gaffieremovethisatgmaildotcom milw0rm.com 2008-02-13...

QuickTime 7.4.1 - QTPlugin.ocx Multiple Stack Overflow Vulnerabilities

QuickTime 7.4.1 - QTPlugin.ocx Multiple Stack Overflow Vulnerabilities Application: QuickTime sub test bar = String515305, "A" foo.SetBgColor bar End Sub ===== 5Credits ===== laurent gaffié laurent.gaffieremovethisatgmaildotcom milw0rm.com 2008-02-13...

Apple QuickTime ActiveX buffer overflow

Multiple buffer overflows in different methods and properties...

QuickTime 7.4.1 QTPlugin.ocx Multiple Stack Overflow Vulnerabilities

Exploit for unknown platform in category dos / poc ==================================================================== QuickTime 7.4.1 QTPlugin.ocx Multiple Stack Overflow Vulnerabilities ==================================================================== Application: QuickTime sub test bar =...

aquick-overflow.txt

Application: QuickTime sub test bar = String515305, "A" foo.SetBgColor bar End Sub ===== 5Credits ===== laurent gaffié laurent.gaffieremovethisatgmaildotcom...

QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow

Application: QuickTime = 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow Web Site: http://www.apple.com/fr/quicktime/download/ Platform: Windows Bug: Multiple Remote Stack Overflow ------------------------------------------------------- 1 Introduction 2 Bug 3 Proof of concept 4 Credits...

QuickTime < 7.4.1 RTSP Response Handling Overflow

Binary data 4363.prm...

QuickTime < 7.4.1 RTSP Response Long Reason-Phrase Arbitrary Remote Code Execution (Windows)

The version of QuickTime installed on the remote Windows host is older than 7.4.1. Such versions contain a heap-based buffer overflow in the application's handling of HTTP responses when RTSP tunneling is enabled. If an attacker can trick a user into visiting a specially crafted webpage, arbitrar...

QuickTime < 7.4.1 RTSP Response Long Reason-Phrase Arbitrary Remote Code Execution (Mac OS X)

The version of QuickTime installed on the remote Mac OS X host is older than 7.4.1. Such versions contain a heap buffer overflow in the application's handling of HTTP responses when RTSP tunneling is enabled. If an attacker can trick a user to visit a specially crafted webpage, he may be able to ...

Code injection

Array index error in libmpdemux/demuxmov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag...

CVE-2008-0485

Array index error in libmpdemux/demuxmov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag...

CVE-2008-0485

Array index error in libmpdemux/demuxmov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag...

DEBIAN-CVE-2008-0485

Array index error in libmpdemux/demuxmov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag...

CVE-2008-0485

Array index error in libmpdemux/demuxmov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag...

CVE-2008-0485

The CVE-2008-0485 issue affects MPlayer 1.0_rc2 and earlier due to an array index error in libmpdemux/demux_mov.c when parsing MOV headers. A crafted QuickTime MOV file with a manipulated stsc atom tag can allow remote code execution (high impact). The Gentoo GLSA and Mandriva/open-source advisor...

CVE-2008-0485

Array index error in libmpdemux/demuxmov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag...

Apple QuickTime multiple security vulnerabilities

Buffer overflow on parsing Macintosh resources embedded into QuickTime movie. Quicktime Image IDSC atom memory corruption...

US-CERT Technical Cyber Security Alert TA08-016A -- Apple QuickTime Updates for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-016A Apple QuickTime Updates for Multiple Vulnerabilities Original release date: January 16, 2008 Last revised: -- Source: US-CERT Systems Affected Apple Mac OS X running versions of...

TPTI-08-01: Apple Quicktime Image File IDSC Atom Memory Corruption Vulnerability

TPTI-08-01: Apple Quicktime Image File IDSC Atom Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/TPTI-08-01.html January 15, 2008 -- CVE ID: CVE-2008-0033 -- Affected Vendor: Apple -- Affected Products: QuickTime Player 7.3 QuickTime PictureViewer 7.3 -- Vulnerability...

Design/Logic Flaw

Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption...