104 matches found
SUSE CVE-2009-0398
Array index error in the gstqtptrakhandler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins aka gstreamer-plugins 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file...
SUSE CVE-2017-9128
The quicktimevideowidth function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted mp4 file...
Apple macOS High Sierra QuickTime Address Bar Deception Vulnerability
Apple macOS High Sierra is a proprietary operating system developed by Apple Inc. for Mac computers.QuickTime is one of the multimedia playback components. A security vulnerability exists in the QuickTime component of Apple macOS High Sierra versions prior to 10.13.1. An attacker can exploit this...
CVE-2017-9122
The quicktimereadmoov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file...
CVE-2016-2399
Integer overflow in the quicktimereadpascal function in libquicktime 1.2.4 and earlier allows remote attackers to cause a denial of service or possibly have other unspecified impact via a crafted hdlr MP4 atom...
Apple OS X QuickTime memory corruption vulnerability (CNVD-2016-05736)
Apple OS X is a proprietary operating system developed by Apple for Mac computers, with QuickTime as one of the multimedia playback components. A memory corruption vulnerability exists in QuickTime in Apple OS X versions prior to 10.11.6. A remote attacker could exploit this vulnerability to...
CVE-2016-4600
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4602...
The vulnerability of the Multimedia Toolkit QuickTime, allowing a hacker to execute arbitrary code or cause a service failure
The vulnerability of the Multimedia Toolkit QuickTime is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure using a specially crafted file...
The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the QuickTime component in the Mac OS X operating system is caused by buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely or cause a service failure memory corruption using a specially crafted FlashPix image...
Apple QuickTime Remote Memory Corruption Vulnerability (CNVD-2015-05768)
Apple QuickTime is a multimedia playback software developed by Apple. The program is capable of handling a wide range of resources such as digital video, media passages, and more. A remote memory corruption vulnerability exists in versions of Apple QuickTime prior to 7.7.8 running on Windows 7 an...
Apple QuickTime rnet Box Parsing Heap Buffer Overflow (CVE-2012-3756)
A heap buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to a bounds-checking error while parsing QuickTime reference movie files. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted QuickTime movie fi...
Some more widgets: Facebook, Hockey, FlickrInterestingNess (Re: [MacOS X] Insecure eval() in Twitgit and Twitterlex dashboard widgets)
This is a follow-up to 0 and 1. Last night, I wrote: It would probably be an interesting exercise to go through some more dashboard widgets and grep for eval. I'd bet quite a bit that there's much more out there. - The top-50 facebook widget 2 uses the AllowFullAccess configuration option, which...
QuickTime PICT image UncompressedQuickTimeData buffer overflow
Added: 11/19/2007 CVE: CVE-2007-4672 BID: 26344 OSVDB: 38547 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens a specially crafted PICT image containing an invalid...
Apple QuickTime 6.5.1 - PictureViewer Buffer Overflow
Apple QuickTime 6.5.1 - PictureViewer Buffer Overflow source: https://www.securityfocus.com/bid/12905/info Apple QuickTime is reportedly prone to a buffer overflow when viewing malformed image files. This issue was reported to exist in QuickTime 6.5.1 for Windows. Other versions may also be...
Apple QuickTime 6.5.2.10 - .qtif Image Parsing
Apple QuickTime 6.5.2.10 - .qtif Image Parsing Added qtif on milw0rm's sploits archive/ /str0ke Application: QuickTime http://www.apple.com/quicktime/ AFFECTED VERSION: Versions verified to be vulnerable: QuickTime.qts 6.5.2.10 and prior versions are affected. The bug: The problem specifically...
Apple QuickTime <= 6.5.2.10 (.qtif) Image Parsing Vulnerability
No description provided by source. Added qtif on milw0rm's sploits archive/ /str0ke Application: QuickTime http://www.apple.com/quicktime/ AFFECTED VERSION: Versions verified to be vulnerable: QuickTime.qts 6.5.2.10 and prior versions are affected. The bug: The problem specifically exists when...
Apple QuickTime 6.5.2.10 - '.qtif' Image Parsing
Added qtif on milw0rm's sploits archive/ /str0ke Application: QuickTime http://www.apple.com/quicktime/ AFFECTED VERSION: Versions verified to be vulnerable: QuickTime.qts 6.5.2.10 and prior versions are affected. The bug: The problem specifically exists when QuickTime.qts component parsing .qtif...
AppleQuickTime code execution
No description provided...
QuickTime < 6.5.1 .mov File sample-to-chunk Table Data Handling Overflow (Windows)
The remote host is using QuickTime, a popular media player/Plug-in that handles many Media files. This version has a Heap overflow that could allow an attacker to execute arbitrary code on this host, with the rights of the user running QuickTime. This script was written by Jeff Adams See the Ness...
[Full-Disclosure] EEYE: Apple QuickTime (QuickTime.qts) Heap Overflow
Apple QuickTime QuickTime.qts Heap Overflow Release Date: May 02, 2004 Date Reported: February 18, 2004 Severity: High Code Execution Vendor: Apple Systems Affected: Apple QuickTime 6.5 Apple iTunes 4.2.0.72 Description: The Apple QuickTime media player is used for playing, interacting with or...