Apple QuickTime QTVR QTVRStringAtom Parsing Buffer Overflow - Ver2 (CVE-2012-0667)

A buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to a signedness error when processing a specially crafted QTVR string. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cau...

Apple QuickTime QTVR QTVRStringAtom Parsing Buffer Overflow (CVE-2012-0667)

A buffer overflow vulnerability has been reported in Apple QuickTime...

Apple QuickTime QTVRStringAtom stringLength Parameter QTVR Movie File Handling

Added: 07/16/2012 CVE: CVE-2012-0667 BID: 53583 OSVDB: 81938 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to remote code execution if the user is persuaded to open a specially crafted QTVR movie file. Th...

Apple QuickTime QTVRStringAtom stringLength Parameter QTVR Movie File Handling

Added: 07/16/2012 CVE: CVE-2012-0667 BID: 53583 OSVDB: 81938 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to remote code execution if the user is persuaded to open a specially crafted QTVR movie file. Th...

ZDI-12-077 : Apple QuickTime QTVR QTVRStringAtom Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-077 : Apple QuickTime QTVR QTVRStringAtom Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-077 June 6, 2012 - -- CVE ID: CVE-2012-0667 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendor...

Apple QuickTime 7.7.2之前版本QTVR文件远程代码执行漏洞

BUGTRAQ ID: 53583 CVE ID: CVE-2012-0667 QuickTime是由苹果电脑所开发的一种多媒体架构，能够处理许多的数字视频、媒体段落、音效、文字、动画、音乐格式，以及交互式全景影像的数项类型。 Windows上的Apple QuickTime 7.7.2之前版本在处理特制的QTVR视频文件时存在整数签名错误，可允许远程攻击者执行任意代码或造成拒绝服务。 0 Apple QuickTime Player 7.x 厂商补丁： Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

QuickTime < 7.7.2 Multiple Vulnerabilities

Binary data 6489.prm...

Apple QuickTime 7.7.2之前版本多个远程任意代码执行漏洞

BUGTRAQ ID: 53547 CVE ID: CVE-2012-0663,CVE-2012-0664,CVE-2012-0665,CVE-2012-0666,CVE-2012-0667,CVE-2012-0668,CVE-2012-0669,CVE-2012-0670,CVE-2012-0671,CVE-2012-0265 OS X Lion Server 内含一组应用软件，可将任意一台Mac 变成功能强大的服务器。Mac OS是一套运行于苹果的Macintosh系列电脑上的操作系统。 Windows 7、Vista、XP上的Apple QuickTime...

CVE-2012-0667

CVE-2012-0667 affects Apple QuickTime on Windows prior to 7.7.2. The vulnerability resides in the QuickTimeVR.qtx component, where a signedness error in processing a QTVRStringAtom leads to an integer overflow, enabling remote code execution or an application crash when a crafted QTVR movie is op...