7 matches found
ZDI-11-303 : Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability
ZDI-11-303 : Apple QuickTime H264 Stream framecropping Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-303 October 26, 2011 -- CVE ID: CVE-2011-3219 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple Quicktime --...
QuickTime < 7.7.1 Multiple Vulnerabilities (Windows)
The version of QuickTime installed on the remote Windows host is older than 7.7.1 and may be affected by the following vulnerabilities : - A cross-site scripting issue exists in HTML files generated by the 'Save for Web' export feature. CVE-2011-3218 - A buffer overflow error exists in the handli...
Apple Mac OS X CoreMedia H.264编码视频文件缓冲区溢出漏洞
BUGTRAQ ID: 50068 CVE ID: CVE-2011-3219 Mac OS X是苹果家族机器所使用的操作系统。 Apple Mac OS X在实现上存在缓冲区溢出漏洞,此漏洞可影响CoreMedia组件,允许攻击者以当前用户权限执行任意代码。 当解析H.264流的Sequence Parameter Set数据时,会读取帧剪裁偏移字段,当这些字段包含错误数据时,Quicktime会最终在视频流所分配的缓冲区之外写入,造成任意代码执行。 Apple Mac OS X 10.x Apple MacOS X Server 10.6.x 厂商补丁: Apple -----...
QuickTime < 7.7.1 Multiple Vulnerabilities
Binary data 6052.prm...
Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
APPLE-SA-2011-10-11-1 iTunes 10.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-11-1 iTunes 10.5 iTunes 10.5 is now available and addresses the following: CoreFoundation Available for: Windows 7, Vista, XP SP2 or later Impact: A man-in-the-middle attack may lead to an unexpected application termination or arbitra...
CVE-2011-3219
CVE-2011-3219 corresponds to a buffer overflow in Apple CoreMedia as used by iTunes prior to 10.5, allowing remote code execution or a crash when parsing H.264 movie streams. The issue is triggered by crafted H.264 data in a movie file, and affected products include Apple QuickTime/CoreMedia impl...