3024 matches found
Apple QuickTime 7.1.3 RTSP URI Buffer Overflow
This module exploits a buffer overflow in Apple QuickTime 7.1.3. This module was inspired by MOAB-01-01-2007. The Browser target for this module was tested against IE 6 and Firefox 1.5.0.3 on Windows XP SP0/2; Firefox 3 blacklists the QuickTime plugin. This module requires Metasploit:...
Apple QuickTime多个远程缓冲区溢出漏洞
Apple QuickTime是一款流行的多媒体播放器,支持多种媒体格式。 QuickTime在处理各种媒体格式时存在多个缓冲区溢出漏洞,远程攻击者可能利用这些漏洞通过诱使用户打开处理畸形媒体文件控制用户机器。 具体条目如下: QuickTime处理3GP视频文件时存在整数溢出。如果用户受骗打开了恶意的电影的话,就会触发这个溢出,导致拒绝服务或执行任意代码。(CVE-2007-0711) QuickTime处理MIDI文件时存在堆溢出。如果用户受骗打开了恶意的MIDI文件的话,就会触发这个溢出,导致拒绝服务或执行任意代码。(CVE-2007-0712)...
Apple QuickTime multiple security vulnerabilities
Integer overflows, buffer overflows and memory corruptions on different data formats parsing...
ZDI-07-010: Apple Quicktime UDTA Parsing Heap Overflow Vulnerability
ZDI-07-010: Apple Quicktime UDTA Parsing Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-010.html March 7, 2007 -- CVE ID: CVE-2007-0714 -- Affected Vendor: Apple -- Affected Products: Quicktime Player 7.1 -- TippingPointTM IPS Customer Protection: TippingPoint IPS...
Apple Quicktime UDTA Parsing Heap Overflow Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of forged...
[Full-disclosure] Apple QuickTime Player Remote Heap Overflow
Apple QuickTime Player Remote Heap Overflow by Piotr Bania [email protected] http://www.piotrbania.com All rights reserved. Severity: Critical - potencial remote code execution. Software affected: Tested on QucikTime 7.1 Windows version, with all newest add-ons. Timeline: 03/09/2006...
iDefense Security Advisory 03.05.07: Apple QuickTime Color Table ID Heap Corruption Vulnerability
Apple QuickTime Color Table ID Heap Corruption Vulnerability iDefense Security Advisory 03.05.07 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 05, 2007 I. BACKGROUND Quicktime is Apple's media player product used to render video and other media. For more information visit...
[Reversemode Advisory] Apple Quicktime Color ID remote heap corruption
APPLE QUICKTIME COLOR TABLE ID REMOTE HEAP CORRUPTION Rubйn Santamarta [email protected] Affected products and/or platforms: Mac OS X v10.3.9 and later Windows Vista Windows XP Windows 2000 Color table ID A 16-bit integer that identifies which color table to use. If this field is set to –1, t...
[Full-disclosure] Apple QuickTime udta ATOM Integer Overflow
Apple QuickTime udta ATOM Integer Overflow By Sowhat of Nevis Labs Date: 2007.03.06 http://www.nevisnetworks.com http://secway.org/advisory/AD20070306.txt http://secway.org/advisory/AD20060512.txt CVE: CVE-2007-0714 Vendor: Apple Inc. Affected Versions: Apple QuickTime versions 7.1.5 Overview: We...
QuickTime < 7.1.5 Multiple Vulnerabilities
Binary data 3935.prm...
US-CERT Technical Cyber Security Alert TA07-065A -- Apple Releases Security Updates for QuickTime
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-065A Apple Releases Security Updates for QuickTime Original release date: March 06, 2007 Last revised: -- Source: US-CERT Systems Affected Apple QuickTime on systems running Apple Mac OS ...
QuickTime < 7.1.5 Multiple Vulnerabilities (Windows)
According to its version, the installation of QuickTime on the remote Windows host is affected by multiple buffer overflows. An attacker may be able to leverage these issues to crash the affected application or to execute arbitrary code on the remote host by sending a specially crafted file to a...
Quicktime < 7.1.5 Multiple Vulnerabilities (Mac OS X)
According to its version, the installation of Quicktime on the remote Mac OS X host is affected by multiple buffer overflows. An attacker may be able to leverage these issues to crash the affected application or to execute arbitrary code on the remote host by sending a specially crafted file to a...
Apple QuickTime QTIF stack buffer overflow
Overview A vulnerabilty in the way Apple QuickTime processes QTIF files may allow execution of arbitrary code. Description A vulnerability exists in the way Apple QuickTime handles specially crafted QuickTime Image QTIF files. According to Apple QuickTime 7.1.5 security document 305149:A stack...
Apple QuickTime UDTA atom integer overflow
Overview Apple QuickTime contains an integer overflow in handling UDTA atoms, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple QuickTime User Data UDTA Atoms allow a user to "... define and store data associated with a QuickTim...
Apple QuickTime 3GP integer overflow
Overview A vulnerabilty in the way Apple QuickTime processes 3GP files may allow execution of arbitrary code. Description A vulnerability exists in the way Apple QuickTime handles specially crafted 3GP files. According to Apple QuickTime 7.1.5 security document 305149:An integer overflow exists i...
Apple QuickTime movie heap buffer overflow vulnerability
Overview The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description Apple QuickTime contains a heap buffer overflow vulnerability. This vulnerability may allow an...
Apple QuickTime PICT heap buffer overflow
Overview The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description PICT is a graphics file format that was used by Apple Macintosh systems prior to OS X as their...
Apple QuickTime QTIF heap buffer overflow
Overview Apple QuickTime is vulnerable to a heap buffer overflow which may allow an attacker to execute arbitrary code or crash the system. Description A vulnerability exists in the way Apple QuickTime handles specially crafted QuickTime Image QTIF files. According to Apple QuickTime 7.1.5 securi...
Apple QuickTime fails to properly process specially crafted MIDI files
Overview The Apple Quicktime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description Apple QuickTime contains a heap buffer overflow vulnerability. This vulnerability may allow an...