3024 matches found
US-CERT Technical Cyber Security Alert TA06-256A -- Apple QuickTime Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-256A Apple QuickTime Vulnerabilities Original release date: September 13, 2006 Last revised: -- Source: US-CERT Systems Affected Apple QuickTime on systems running Apple Mac OS X Microsof...
iDefense Security Advisory 09.12.06: Apple QuickTime FLIC File Heap Overflow Vulnerability
Apple QuickTime FLIC File Heap Overflow Vulnerability iDefense Security Advisory 09.12.06 http://www.idefense.com/intelligence/vulnerabilities/ Sep 12, 2006 I. BACKGROUND Quicktime is Apple's media player product used to render video and other media. For more information visit...
Quicktime < 7.1.3 Multiple Vulnerabilities (Mac OS X)
The remote Mac OS X host is running a version of Quicktime prior to 7.1.3. The remote version of Quicktime is vulnerable to various integer and buffer overflows involving specially crafted image and media files. An attacker may be able to leverage these issues to execute arbitrary code on the...
Apple QuickTime vulnerable to denial of service via specially crafted FlashPix file
Overview A buffer overflow vulnerability in the way Apple QuickTime handles FlashPix files could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description A buffer overflow vulnerability in QuickTime for Windows and Mac OS X may allow an attacker to...
Apple QuickTime Player H.264 Codec contains an integer overflow
Overview Apple QuickTime fails to properly handle H.264 movies. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description Apple QuickTime Player is multimedia software that allows users to view local and remote...
Apple QuickTime fails to properly handle FlashPix files
Overview Apple QuickTime fails to properly handle FlashPix files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition. Description Apple's QuickTime Player is multimedia software that allows users to view local and remot...
Apple QuickTime movie buffer overflow vulnerability
Overview A buffer overflow vulnerability in the way Apple QuickTime handles movie files could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description A buffer overflow vulnerability in QuickTime for Windows and Mac OS X may allow an attacker to execut...
Apple QuickTime fails to properly handle SGI images
Overview Apple QuickTime fails to properly handle SGI images. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description Apple QuickTime is multimedia software that allows users to view local and remote audio, vide...
QuickTime < 7.1.3 Multiple Vulnerabilities (Windows)
The remote Windows host is running a version of QuickTime prior to 7.1.3. The remote version of QuickTime is vulnerable to various integer and buffer overflows involving specially crafted image and media files. An attacker may be able to leverage these issues to execute arbitrary code on the remo...
CVE-2006-4386
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381...
CVE-2006-4381
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie...
CVE-2006-4384
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR64 chunk in a FLIC FLC movie...
CVE-2006-4388
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file...
CVE-2006-4389
Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix FPX file, which triggers an exception that leads to an operation on an uninitialized object...
CVE-2006-4385
Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image...
CVE-2006-4382
Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie...
CVE-2006-4384
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR64 chunk in a FLIC FLC movie...
CVE-2006-4386
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381...
CVE-2006-4389
Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix FPX file, which triggers an exception that leads to an operation on an uninitialized object...
CVE-2006-4381
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie...