ZDI-11-313 : Apple QuickTime FLC RLE Packet Count Decompression Remote Code Execution Vulnerability

ZDI-11-313 : Apple QuickTime FLC RLE Packet Count Decompression Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-313 October 27, 2011 -- CVE ID: CVE-2011-3223 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple...

QuickTime < 7.7.1 Multiple Vulnerabilities (Windows)

The version of QuickTime installed on the remote Windows host is older than 7.7.1 and may be affected by the following vulnerabilities : - A cross-site scripting issue exists in HTML files generated by the 'Save for Web' export feature. CVE-2011-3218 - A buffer overflow error exists in the handli...

Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)

This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2011-3223

CVE-2011-3223 affects Apple QuickTime. The vulnerability resides in QuickTime’s FLIC/FLIC movie decoding, specifically the FLC RLE packet handling, where an out-of-bounds write during decompression can lead to remote code execution. Exploitation requires the user to view a malicious file or page,...