ZDI-12-078 : Apple QuickTime SVQ3 Codec mb_skip_run Parsing Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-078 : Apple QuickTime SVQ3 Codec mbskiprun Parsing Remote Code Execution http://www.zerodayinitiative.com/advisories/ZDI-12-078 June 6, 2012 - -- CVE ID: CVE-2012-0669 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Apple - --...

QuickTime < 7.7.2 Multiple Vulnerabilities

Binary data 6489.prm...

Apple QuickTime 7.7.2之前版本多个远程任意代码执行漏洞

BUGTRAQ ID: 53547 CVE ID: CVE-2012-0663,CVE-2012-0664,CVE-2012-0665,CVE-2012-0666,CVE-2012-0667,CVE-2012-0668,CVE-2012-0669,CVE-2012-0670,CVE-2012-0671,CVE-2012-0265 OS X Lion Server 内含一组应用软件，可将任意一台Mac 变成功能强大的服务器。Mac OS是一套运行于苹果的Macintosh系列电脑上的操作系统。 Windows 7、Vista、XP上的Apple QuickTime...

CVE-2012-0669

Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file with Sorenson encoding...

CVE-2012-0669

Apple QuickTime on Windows (CVE-2012-0669) has a remote code execution vulnerability in parsing Sorenson SVQ3 streams. The flaw can cause arbitrary code execution via a crafted movie file; exploit requires user interaction (e.g., opening a malicious file or visiting a malicious page). The issue i...