[VulnWatch] Fortinet Security Advisory: "Apple QuickTime Player Improper Memory Access Vulnerability"

Fortinet Security Advisory: FSA-2006-04 Apple QuickTime Player Improper Memory Access Vulnerability Advisory Date : January 12, 2006 Reported Date : November 28, 2005 Vendor : Apple computers Affected Products : Apple QuickTime Player v7.0.3 Severity : High Reference :...

[VulnWatch] Fortinet Advisory: Apple QuickTime Player Color Map Entry Size Buffer Overflow

Fortinet Security Advisory: FSA-2006-06 Apple QuickTime Player Color Map Entry Size Buffer Overflow Advisory Date : January 12, 2006 Reported Date : November 28, 2005 Vendor : Apple computers Affected Products : Apple QuickTime Player v7.0.3 Severity : High Reference :...

US-CERT Technical Cyber Security Alert TA06-011A -- Apple QuickTime Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running Apple Mac O...

[EEYEB-20051220] Apple QuickTime QTIF Stack Overflow

EEYEB-20051229 Apple QuickTime QTIF Stack Overflow Release Date: January 10, 2006 Date Reported: December 29, 2005 Patch Development Time In Days: 12 days Severity: High Code Execution Vendor: Apple Systems Affected: Quicktime on Windows 2000 Quicktime on Windows XP Quicktime on Mac OS X 10.3.9...

[EEYEB-20051117A] Apple QuickTime STSD Atom Heap Overflow

EEYEB-20051117A Apple QuickTime STSD Atom Heap Overflow Release Date: January 10, 2006 Date Reported: November 17, 2005 Patch Development Time In Days: 54 Days Severity: High Code Execution Vendor: Apple Systems Affected: Quicktime on Windows 2000 Quicktime on Windows XP Quicktime on Mac OS X...

[EEYEB-20051117B] Apple iTunes (QuickTime.qts) Heap Overflow

EEYEB-20051031 Apple QuickTime Malformed GIF Heap Overflow Release Date: January 10, 2006 Date Reported: October 31, 2005 Severity: High Code Execution Patch Development Time In Days: 71 Days Severity: High Code Execution Vendor: Apple Systems Affected: Quicktime on Windows 2000 Quicktime on...

CVE-2005-3707

Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files...

CVE-2005-3710

Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width ImageWidth tags...

CVE-2005-3708

CVE-2005-3708 describes an integer overflow in Apple QuickTime prior to 7.0.4, triggered by crafted TGA image files. The vulnerability allows remote code execution by exploiting the QuickTime image parsing path, as documented across multiple sources (NVD entry for CVE-2005-3708 and CERT advisorie...

CVE-2005-3707

Apple QuickTime before 7.0.4 contains a buffer overflow in the handling of TGA image files (CVE-2005-3707). A crafted TGA image could allow a remote attacker to execute arbitrary code on vulnerable systems running QuickTime, with the impact described as remote code execution. The issue is tied to...

CVE-2005-3713

Apple QuickTime before 7.0.4 is affected by a heap-based buffer overflow triggered by a crafted GIF image containing a Netscape Navigator Application Extension Block. The overflow modifies the heap in the Picture Modifier block and can allow remote attackers to execute arbitrary code. Vendors doc...

CVE-2005-3710

Summary: CVE-2005-3710 is an Apple QuickTime TIFF handling vulnerability. A crafted TIFF image with modified ImageWidth triggers an integer overflow in QuickTime before version 7.0.4, which could allow remote code execution or a denial of service on affected systems (Mac OS X and Windows). Severa...

CVE-2005-3709

Apple QuickTime Player before 7.0.4 is affected by an integer underflow in the Color Map Entry Size when parsing TGA images, potentially allowing a remote attacker to cause a crash or execute arbitrary code. Fortinet/Apple advisories confirm the issue is triggered by specially crafted TGA files a...

CVE-2005-3711

Apple QuickTime

CVE-2005-3711

Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified 1 "strips" StripByteCounts or 2 "bands" StripOffsets values...

CVE-2005-3709

Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file...

CVE-2005-2340

Apple QuickTime before 7.0.4 is affected by a heap/buffer overflow in image handling (QTIF, PICT, and JPEG) that enables remote code execution when a crafted image is opened. Several connected advisories confirm the vulnerability in QuickTime PictureViewer and related components, noting that the ...

CVE-2005-3708

Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files...

CVE-2005-2340

Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted 1 QuickTime Image File QTIF, 2 PICT, or 3 JPEG format image with a long data field...

CVE-2005-3713

Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block...