CVE-2007-4707

Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary code or have other unspecified impacts via a crafted QuickTime movie...

CVE-2007-4706

Apple QuickTime prior to version 7.3.1 is affected by a heap-based buffer overflow in the QTL file parsing that can allow a remote attacker to execute arbitrary code. This vulnerability affects QuickTime on multiple platforms referenced in CVE-2007-4706, with an impact described as potential remo...

CVE-2007-4707

CVE-2007-4707 concerns Apple QuickTime before 7.3.1, where the Flash media handler contains multiple vulnerabilities that can be exploited by a crafted QuickTime movie to remotely execute arbitrary code. Affected product: QuickTime (Windows and Mac OS X) prior to 7.3.1; vulnerability class is des...

Apple QuickTime QTL文件处理远程堆溢出漏洞

BUGTRAQ ID: 26868 CVECAN ID: CVE-2007-4706 Apple QuickTime是一款流行的多媒体播放器，支持多种媒体格式。 QuickTime处理QTL文件时存在堆溢出漏洞，如果用户受骗查看了恶意的QTL文件的话，攻击者就可能导致播放器意外终止或执行任意指令。 Apple QuickTime Player 7.3.1 Apple QuickTime Player 7.3.1 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

QuickTime < 7.3.1 Multiple Vulnerabilities

Binary data 4314.prm...

QuickTime < 7.3.1 Multiple Vulnerabilities (Mac OS X)

The version of QuickTime installed on the remote Mac OS X host is older than 7.3.1. Such versions contain several vulnerabilities that may allow an attacker to execute arbitrary code on the remote host if he can trick the user to open a specially crafted RTSP movie, QTL file, or Flash media file...

QuickTime < 7.3.1 Multiple Vulnerabilities (Windows)

The version of QuickTime installed on the remote Windows host is older than 7.3.1. Such versions contain several vulnerabilities that may allow an attacker to execute arbitrary code on the remote host if he can trick the user to open a specially crafted RTSP movie, QTL file, or Flash media file...

Some more widgets: Facebook, Hockey, FlickrInterestingNess &#40;Re: [MacOS X] Insecure eval&#40;&#41; in Twitgit and Twitterlex dashboard widgets&#41;

This is a follow-up to 0 and 1. Last night, I wrote: It would probably be an interesting exercise to go through some more dashboard widgets and grep for eval. I'd bet quite a bit that there's much more out there. - The top-50 facebook widget 2 uses the AllowFullAccess configuration option, which...

Information disclosure

Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organizati...

CVE-2007-6238

Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organizati...

CVE-2007-6238

Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organizati...

CVE-2007-6238

Technical details for CVE-2007-6238 are not publicly provided in the provided documents; the Initial Description is vague. Monitor for updates.

US-CERT Technical Cyber Security Alert TA07-334A -- Apple QuickTime RTSP Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-334A Apple QuickTime RTSP Buffer Overflow Original release date: November 30, 2007 Last revised: -- Source: US-CERT Systems Affected A buffer overflow in Apple QuickTime affects: Apple...

AuickTime buffer overflow

Buffer overflow on RTSP response Contet-Type header parsing parsing...

QuickTime RTSP Response Content-type remote stack rewrite exploit

Everyone Loves O|0+|O the Hypnotoad... |...| | | =o0O=====O0o=============================== | QuickTime RTSP Response Content-type | | remote stack rewrite exploit for IE 6/7 | | by Yag Kohha skyhole at gmail.com | =========================================== Exploit tested on: - Windows Vista -...

US-CERT Technical Cyber Security Alert TA07-334A -- Apple QuickTime RTSP Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-334A Apple QuickTime RTSP Buffer Overflow Original release date: November 30, 2007 Last revised: -- Source: US-CERT Systems Affected A buffer overflow in Apple QuickTime affects: Apple...

Apple QuickTime 7.2/7.3 RSTP Response Universal Exploit (win/osx)

No description provided by source. Copyright C 2007 Subreption LLC. All rights reserved. Visit http://blog.subreption.com for exploit development notes. References: http://www.milw0rm.com/exploits/4648 original Microsoft Windows code...

QuickTime RTSP Content-Type header buffer overflow

Added: 11/30/2007 CVE: CVE-2007-6166 BID: 26549 OSVDB: 40876 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens an RTSP stream containing a specially crafted Content-Type header...

QuickTime RTSP Content-Type header buffer overflow

Added: 11/30/2007 CVE: CVE-2007-6166 BID: 26549 OSVDB: 40876 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens an RTSP stream containing a specially crafted Content-Type header...

QuickTime RTSP Content-Type header buffer overflow

Added: 11/30/2007 CVE: CVE-2007-6166 BID: 26549 OSVDB: 40876 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens an RTSP stream containing a specially crafted Content-Type header...