3025 matches found
Apple QuickTime Plugin SetLanguage Buffer Overflow (CVE-2012-0666)
A stack buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to insufficient bounds checking when parsing parameters to a certain method inside the QuickTime plugin. A remote attacker can exploit this issue by enticing a target user to open a specially...
Apple QuickTime PICT File Processing Memory Corruption (CVE-2012-0671)
A memory corruption vulnerability has been reported in Apple QuickTime...
Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2012-004. OpenVAS Vulnerability Test $Id: gbmacosxsu12-004.nasl 6521 2017-07-04 14:51:10Z cfischer $ Mac OS X v10.6.8 Multiple Vulnerabilities 2012-004 Authors: Madhuri D Copyright:...
CVE-2012-3722
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file with Sorenson encoding...
Memory corruption
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file with Sorenson encoding...
CVE-2012-3722
CVE-2012-3722 concerns an uninitialized memory access in the Sorenson codec used by QuickTime on macOS (before 10.7.5) and CoreMedia on iOS (before 6). The flaw allows remote attackers to execute arbitrary code or cause a denial of service via a crafted Sorenson-encoded movie file. References ind...
CVE-2012-3722
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file with Sorenson encoding...
Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)
The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-004 applied. This update contains multiple security-related fixes for the following components : - Apache - Data Security - DirectoryService - ImageIO - International Components for Unicode - Mail - PHP ...
Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)
The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.5. The newer version contains multiple security-related fixes for the following components : - Apache - BIND - CoreText - Data Security - ImageIO - Installer - International Components for Unicode - Kernel - Mail - PHP ...
Apple QuickTime QTVR QTVRStringAtom Parsing Buffer Overflow (CVE-2012-0667)
A buffer overflow vulnerability has been reported in Apple QuickTime...
Apple QuickTime MPEG Stream Padding Buffer Overflow (CVE-2012-0659)
A buffer overflow vulnerability has been reported in Apple QuickTime...
Apple QuickTime TeXML Color String Parsing Buffer Overflow (CVE-2012-0663)
A stack buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to insufficient validation of a string length when processing certain elements inside QuickTime TeXML files. A remote attacker can exploit this issue by enticing a target user to open a specially...
Apple QuickTime multiple security vulnerabilities
Multiple vulnerabilities in TexML, H.264, MP4, MPEG, PNG, QTVR, JPEG2000, PICT and different audio and video formats parsing...
ZDI-12-153 : Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-153 : Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-153 August 22, 2012 - -- CVE ID: CVE-2012-0670 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...
Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Quicktime.qts wh...
ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-136 August 17, 2012 - -- CVE ID: CVE-2011-3220 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...
Apple Windows Quicktime Plugin 4.1.2 Overflow
Apple Quicktime plugin for Windows is vulnerable to a remote buffer overflow. A maliciously-constructed web link statement in a remote HTML document, which contains excess data argumenting an EMBED tag, could permit execution of hostile code...
Apple Quicktime plugin - Windows 4.1.2 (Japanese) Remote Overflow Vulnerability
Exploit for windows platform in category remote exploits source: http://www.securityfocus.com/bid/2328/info Apple Quicktime plugin for Windows is vulnerable to a remote buffer overflow. A maliciously-constructed web link statement in a remote HTML document, which contains excess data argumenting ...
Apple QuickTime plugin - Windows 4.1.2 (Japanese) Remote Overflow
source: https://www.securityfocus.com/bid/2328/info Apple Quicktime plugin for Windows is vulnerable to a remote buffer overflow. A maliciously-constructed web link statement in a remote HTML document, which contains excess data argumenting an EMBED tag, could permit execution of hostile code...
Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within how the application handles a...