ZDI-12-130 : Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-130 : Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-130 August 3, 2012 - -- CVE ID: CVE-2011-3458 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affecte...

QuickTime < 7.7.2 Multiple Vulnerabilities

Binary data 6489.prm...

Apple Mac OS X 远程代码执行漏洞(CVE-2011-3458)

Bugtraq ID: 51809 CVE ID：CVE-2011-3458 Apple Mac OS X是苹果公司发布的操作系统 打开恶意特制的MP4编码文件存在一个未初始化内存访问问题，攻击者可以利用漏洞导致应用程序崩溃或执行任意代码 0 Apple Mac Os X Server 10.7.2 Apple Mac Os X Server 10.7.1 Apple Mac Os X Server 10.7 Apple Mac Os X Server 10.6.8 Apple Mac Os X 10.7.2 Apple Mac Os X 10.7.1 厂商解决方案 Apple Mac ...

Mac OS X Multiple Vulnerabilities (2012-001)

This host is missing an important security update according to Mac OS X Update/Mac OS X Security Update 2012-001. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2011-3458

QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted MP4 file...

CVE-2011-3458

CVE-2011-3458 affects Apple QuickTime on macOS (OS X) prior to 10.7.3. The flaw is an uninitialized memory access during parsing of certain MP4 headers, allowing remote attackers to execute arbitrary code or cause an application crash via a crafted MP4 file. The impact is demonstrated as remote c...

CVE-2011-3458

QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted MP4 file...

Mac OS X Multiple Vulnerabilities (Security Update 2012-001) (BEAST)

The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-001 applied. This update contains multiple security-related fixes for the following components : - Apache - ATS - ColorSync - CoreAudio - CoreMedia - CoreText - curl - Data Security - dovecot - filecmds ...