Apple QuickTime ActiveX Control Clear Method Use-After-Free (CVE-2012-3754)

A use-after-free vulnerability has been reported in Apple QuickTime's ActiveX control...

QuickTime < 7.7.3 Multiple Vulnerabilities (Windows)

Binary data 6620.prm...

QuickTime < 7.7.3 Multiple Vulnerabilities (Windows)

The version of QuickTime installed on the remote Windows host is older than 7.7.3 and therefore is reportedly affected by the following vulnerabilities : - A buffer overflow exists in the handling of REGION records in PICT files. CVE-2011-1374 - A memory corruption issue exists in the handling of...

CVE-2012-3754

Use-after-free vulnerability in the Clear method in the ActiveX control in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors...

CVE-2012-3754

Affected software: Apple QuickTime for Windows (ActiveX control). Issue: Use-after-free in Clear() method of the QuickTime ActiveX control, leading to remote code execution or denial of service. Root cause: incorrect handling in the Clear method as described in CVE-2012-3754. Impact: arbitrary co...

APPLE-SA-2012-11-07-1 QuickTime 7.7.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-11-07-1 QuickTime 7.7.3 QuickTime 7.7.3 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted PICT file may lead to an unexpected application...