Apple QuickTime多个远程安全漏洞

BUGTRAQ ID: 28583 CVECAN ID: CVE-2008-1013,CVE-2008-1014,CVE-2008-1015,CVE-2008-1016,CVE-2008-1017,CVE-2008-1018,CVE-2008-1019,CVE-2008-1020,CVE-2008-1021,CVE-2008-1022,CVE-2008-1023 Apple QuickTime是一款非常流行的多媒体播放器。 QuickTime的7.4.5之前版本存在多个安全漏洞，允许用户通过畸形的媒体文件获得敏感信息或完全入侵用户系统。 CVE-2008-1013...

ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability

ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-016 April 3, 2008 -- CVE ID: CVE-2008-1018 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime 7.4.1 -- TippingPointTM IPS Customer Protection: TippingPoint...

ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability

ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-016 April 3, 2008 -- CVE ID: CVE-2008-1018 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime 7.4.1 -- TippingPointTM IPS Customer Protection: TippingPoint...

CVE-2008-1018

CVE-2008-1018 is a heap-based overflow in Apple QuickTime parsing of the MP4A atom (chan) that allows remote code execution when a malformed QuickTime movie is opened. Affected product: Apple QuickTime before 7.4.5. Root cause: heap corruption in Channel Compositor atom parsing. Impact: arbitrary...

QuickTime < 7.4.5 Multiple Vulnerabilities (Mac OS X)

The version of QuickTime installed on the remote Mac OS X host is older than 7.4.5. Such versions contain several vulnerabilities : - Untrusted Java applets may obtain elevated privileges CVE-2008-1013. - Downloading a movie file may lead to information disclosure CVE-2008-1014. - Viewing a...