2 matches found
ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability
ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-042 April 2, 2010 -- CVE ID: CVE-2010-0528 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection:...
CVE-2010-0528
Apple QuickTime for Windows prior to 7.6.6 is vulnerable to remote code execution via crafted color tables in a movie file, due to a flaw in parsing malformed MediaVideo data from the STSD atom and a crafted length value. The vulnerability can also cause memory corruption and application crashes,...