3024 matches found
Apple QuickTime < 7.2 - SMIL Remote Integer Overflow
---------------------------------------------------------------------- ATTACK VECTORS ---------------------------------------------------------------------- This vulnerability can be triggered by luring a target user into running a malicious SMIL file locally or via a webpage. In the later scenar...
Apple QuickTime 7.2 - SMIL Remote Integer Overflow
Apple QuickTime 7.2 - SMIL Remote Integer Overflow ---------------------------------------------------------------------- ATTACK VECTORS ---------------------------------------------------------------------- This vulnerability can be triggered by luring a target user into running a malicious SMIL...
Apple Quicktime < 7.2 SMIL Remote Integer Overflow PoC
Exploit for multiple platform in category dos / poc ====================================================== Apple Quicktime SRC="available-sample.qtif" QTSRC="poc.smil" WIDTH="10" HEIGHT="10" PLUGINSPAGE=" www.apple.com/quicktime/download" TYPE="video/quicktime" /...
Code injection
The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution...
Integer overflow
Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted 1 title and 2 author fields in an SMIL file, related to improper calculations for memory allocation...
Memory corruption
Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption...
Code injection
The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets...
Design/Logic Flaw
QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information screen content via crafted Java applets...
CVE-2007-2397
QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets...
CVE-2007-2396
The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets...
CVE-2007-2393
The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution...
CVE-2007-2402
QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information screen content via crafted Java applets...
CVE-2007-2394
Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted 1 title and 2 author fields in an SMIL file, related to improper calculations for memory allocation...
CVE-2007-2393
The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution...
CVE-2007-2394
Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted 1 title and 2 author fields in an SMIL file, related to improper calculations for memory allocation...
CVE-2007-2396
The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets...
CVE-2007-2397
QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets...
CVE-2007-2402
QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information screen content via crafted Java applets...
CVE-2007-2392
Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption...
CVE-2007-2402
CVE-2007-2402 affects QuickTime for Java in Apple QuickTime prior to 7.2. The vulnerability is a failure to perform sufficient access control, enabling remote attackers to obtain sensitive information (screen content) via crafted Java applets. The primary sources describe the issue as a design/lo...