Apple QuickTime rnet Box Parsing Heap Buffer Overflow (CVE-2012-3756)

A heap buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to a bounds-checking error while parsing QuickTime reference movie files. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted QuickTime movie fi...

QuickTime < 7.7.3 Multiple Vulnerabilities (Windows)

Binary data 6620.prm...

Apple QuickTime 视频文件缓冲区溢出漏洞

CVE ID: CVE-2012-3756 QuickTime是由苹果电脑所开发的一种多媒体架构，能够处理许多的数字视频、媒体段落、音效、文字、动画、音乐格式，以及交互式全景影像的数项类型。 QuickTime在处理特制PM4文件内的'rnet'框时存在缓冲区溢出漏洞，可导致应用意外终止或任意代码执行。 0 Apple Quicktime 7.x 厂商补丁： Apple ----- 请更新到QuickTime 7.7.3： APPLE-SA-2012-11-07-1：QuickTime 7.7.3 链接：http://www.apple.com/quicktime/download/...

QuickTime < 7.7.3 Multiple Vulnerabilities (Windows)

The version of QuickTime installed on the remote Windows host is older than 7.7.3 and therefore is reportedly affected by the following vulnerabilities : - A buffer overflow exists in the handling of REGION records in PICT files. CVE-2011-1374 - A memory corruption issue exists in the handling of...

CVE-2012-3756

CVE-2012-3756 : Apple QuickTime before 7.7.3 contains a heap/bounds-checking vulnerability in the parsing of QuickTime rnet boxes inside MP4 files. A remote attacker could craft a movie file to trigger a buffer overflow, potentially allowing arbitrary code execution or an application crash. Publi...