Apple QTJava toQTPointer() Pointer Arithmetic Memory Overwrite Vulnerability

This vulnerability allows attackers to execute arbitrary code on systems with vulnerable installations of Apple's QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The flaw exists within the QuickTime Java extensions QTJava.dll,...

Integer overflow

Integer overflow in the FlipFileTypeAtomBtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V MP4 file...

Heap overflow

Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file...

CVE-2007-2296

Integer overflow in the FlipFileTypeAtomBtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V MP4 file...

CVE-2007-2295

Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file...

CVE-2007-2296

Integer overflow in the FlipFileTypeAtomBtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V MP4 file...

CVE-2007-2295

CVE-2007-2295 describes a heap-based buffer overflow in the QuickTime component JVTCompEncodeFrame used when processing malformed H.264 MOV files. Affected product: Apple QuickTime 7.1.5 and earlier versions up to 7.2. The underlying issue is insufficient bounds checking, which allows remote atta...

CVE-2007-2296

CVE-2007-2296: Apple QuickTime contains an integer overflow in the FlipFileTypeAtom_BtoN function used when parsing M4V/MP4 files, allowing remote code execution. Affected: QuickTime 7.1.5 and earlier; prior reports indicate impact for versions before 7.2. The connected documents confirm the root...

CVE-2007-2295

Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file...

Apple Quicktime Java处理任意代码执行漏洞

Apple QuickTime是一款流行的多媒体播放器，支持多种媒体格式。 QuickTime在处理Java时存在安全漏洞，如果用户通过启用了Java的浏览器（如Safari或Firefox）访问了恶意站点的话，就可能触发这个漏洞，导致执行任意指令。 Apple QuickTime Player = 7.1.5 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.apple.com...

CVE-2007-2175

Apple QuickTime Java extensions QTJava.dll, as used in Safari and other browsers, and when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating...

Design/Logic Flaw

Apple QuickTime Java extensions QTJava.dll, as used in Safari and other browsers, and when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating...

CVE-2007-2175

Apple QuickTime Java extensions QTJava.dll, as used in Safari and other browsers, and when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating...

CVE-2007-2175

Apple QuickTime for Java (QTJava.dll) contains a heap memory corruption vulnerability in the toQTPointer function of QTHandleRef that can allow a remote, unauthenticated attacker to execute arbitrary code when Java is enabled in a browser (as demonstrated at CanSecWest 2007). The issue affects Qu...

QuickTime < 7.1.6 Multiple Vulnerabilities

Binary data 3975.prm...

Apple Quicktime for Java 7 Memory Access

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

Apple QuickTime 7.1.5 - QTJava toQTPointer() Java Handling Arbitrary Code Execution

Apple QuickTime 7.1.5 - QTJava toQTPointer Java Handling Arbitrary Code Execution source: https://www.securityfocus.com/bid/23608/info QuickTime is prone to a vulnerability that may aid in the remote compromise of a vulnerable computer. The issue occurs when a Java-enabled browser is used to view...

Apple QuickTime for Java 7 - Memory Access (Metasploit)

Apple QuickTime for Java 7 - Memory Access Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Apple QuickTime 7.1.5 - QTJava toQTPointer() Java Handling Arbitrary Code Execution

source: https://www.securityfocus.com/bid/23608/info QuickTime is prone to a vulnerability that may aid in the remote compromise of a vulnerable computer. The issue occurs when a Java-enabled browser is used to view a malicious website. QuickTime must also be installed. Attackers may exploit this...

Apple QuickTime for Java 7 - Memory Access (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Apple QTJava...