Lucene search
K

5 matches found

seebug.org
seebug.org
added 2008/10/08 12:0 a.m.72 views

Apple QuickTime 'STSZ' Atoms内存破坏漏洞

BUGTRAQ ID: 31546 CVE ID:CVE-2008-3626 CNCVE ID:CNCVE-20083626 Apple QuickTime是一款流行的媒体处理程序。 Apple QuickTime处理特殊构建的媒体文件存在问题,远程攻击者可以利用漏洞进行缓冲区溢出,可导致以应用程序权限执行任意指令。 问题存在于CallComponentFunctionWithStorage函数中对STSZ atoms的处理,当samplesizetable中的条目过大时,可触发内存破坏,可能以当前用户上下文执行任意指令。 Apple TV 2.1 Apple TV 2.0 Apple ...

6.8CVSS6.5AI score0.04541EPSS
Exploits2
seebug.org
seebug.org
added 2008/09/11 12:0 a.m.60 views

Apple QuickTime Movie/PICT/QTVR多个远程漏洞

BUGTRAQ ID: 31086 CVE ID:CVE-2008-3615 CVE-2008-3635 CVE-2008-3624 CVE-2008-3625 CVE-2008-3614 CVE-2008-3626 CVE-2008-3627 CVE-2008-3628 CVE-2008-3629 CNCVE ID:CNCVE-20083615 CNCVE-20083635 CNCVE-20083624 CNCVE-20083625 CNCVE-20083614 CNCVE-20083626 CNCVE-20083627 CNCVE-20083628 CNCVE-20083629...

9.3CVSS6.4AI score0.08618EPSS
Exploits2
CVE
CVE
added 2008/09/10 4:0 p.m.66 views

CVE-2008-3626

Apple QuickTime prior to 7.5.5 is affected by a memory-corruption vulnerability in CallComponentFunctionWithStorage when handling large entries in the STSZ atoms’ sample_size_table. A crafted movie file can allow remote attackers to execute arbitrary code or cause a denial of service. The issue a...

6.8CVSS7.5AI score0.04541EPSS
Exploits2References14Affected Software1
Cvelist
Cvelist
added 2008/09/10 4:0 p.m.27 views

CVE-2008-3626

The CallComponentFunctionWithStorage function in Apple QuickTime before 7.5.5 does not properly handle a large entry in the samplesizetable in STSZ atoms, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted mov...

7.5AI score0.04541EPSS
Exploits2References14
securityvulns
securityvulns
added 2008/09/10 12:0 a.m.63 views

ZDI-08-059: Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability

ZDI-08-059: Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-059 September 9, 2008 -- CVE ID: CVE-2008-3626 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint IP...

6.8CVSS0.6AI score0.04541EPSS
Exploits2
Rows per page
Query Builder