Apple QuickTime PictureViewer PICT data decompression buffer overflow

Overview Apple QuickTime PictureViewer contains a buffer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Apple's QuickTime Player is multimedia software that allows users to view local and remote audio/video content. PictureViewer is a...

Quicktime < 7.0.3 (Windows) Detection

Binary data 3280.prm...

CVE-2005-2753

Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string...

CVE-2005-2754

Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes."...

CVE-2005-2755

Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service crash via a crafted file with a missing movie attribute, which leads to a null dereference...

CVE-2005-2756

Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion...

CVE-2005-2753

Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string...

CVE-2005-2754

Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes."...

CVE-2005-2756

Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion...

CVE-2005-2754

CVE-2005-2754 refers to an integer overflow in Apple QuickTime before 7.0.3 that can enable remote code execution when a crafted MOV file with “Improper movie attributes” is loaded. The issue is documented across multiple sources as affecting QuickTime on Mac OS X and Windows, with the overflow p...

CVE-2005-2756

CVE-2005-2756 corresponds to a buffer overflow in Apple QuickTime PictureViewer that allows remote code execution when processing crafted PICT data. Affected: QuickTime before 7.0.3 (Mac and Windows). Root cause: lack of input validation during decompression of compressed PICT data, causing memor...

CVE-2005-2755

The CVE-2005-2755 entry concerns Apple QuickTime Player prior to 7.0.3. The vulnerability is triggered by a crafted file containing a missing movie attribute, which leads to a NULL pointer dereference and causes a denial-of-service crash. Affected product: QuickTime Player (macOS/Windows), versio...

CVE-2005-2753

CVE-2005-2753 affects Apple QuickTime prior to 7.0.3. An integer overflow in parsing MOV files causes a sign-extension error in a Pascal-style string, enabling user-assisted or remote code execution when a crafted MOV is opened. Impact is remote code execution with the attacker’s code running wit...

CVE-2005-2755

Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service crash via a crafted file with a missing movie attribute, which leads to a null dereference...

Apple QuickTime multiple vulnerabilities

Integer overflows, memory corruptions, DoS...

[Full-disclosure] Ad[Full-disclosure] Advisory: Apple QuickTime Player Remote Integer Overflow &#40;2&#41;

Apple QuickTime Player Remote Integer Overflow 2 by Piotr Bania [email protected] http://pb.specialised.info All rights reserved. CVE-ID: CVE-2005-2754 Original location: http://pb.specialised.info/all/adv/quicktime-mov-io2-adv.txt Severity: Critical - remote code execution. Software affected...

[Full-disclosure] Advisory: Apple QuickTime Player Remote Integer Overflow &#40;1&#41;

Apple QuickTime Player Remote Integer Overflow 1 by Piotr Bania [email protected] http://pb.specialised.info All rights reserved. CVE-ID: CVE-2005-2753 Original location: http://pb.specialised.info/all/adv/quicktime-mov-io1-adv.txt Severity: Critical - remote code execution. Software affected...

[Full-disclosure] Advisory: Apple QuickTime PICT Remote Memory Overwrite

Apple QuickTime PICT Remote Memory Overwrite by Piotr Bania [email protected] http://pb.specialised.info All rights reserved. CVE-ID: CVE-2005-2756 Original location: http://pb.specialised.info/all/adv/quicktime-pict-adv.txt Severity: Critical - remote code execution. Software affected:...

Quicktime < 7.0.3 Multiple Vulnerabilities (Mac OS X)

The remote Mac OS X host is running a version of Quicktime 7 which is older than Quicktime 7.0.3. The remote version of this software is vulnerable to various buffer overflows which may allow an attacker to execute arbitrary code on the remote host by sending a malformed file to a victim and have...

QuickTime < 7.0.3 Multiple Vulnerabilities (Windows)

The remote Windows host is running a version of QuickTime that is older than QuickTime 7.0.3. The remote version of this software is reportedly vulnerable to various buffer overflows that may allow an attacker to execute arbitrary code on the remote host by sending a malformed file to a victim an...