Apple Quicktime /w IE .qtl Version XAS - Remote Exploit PoC

No description provided by source. !-- Performing XAS Cross Application Scripting attacks automatically read no user interaction is very easy, as I showed before in my shutting down skype proof-of-concept. But, what if you are using a limited web environment, where you can't use iframes or script...

Apple QuickTime Player 7.7.2 Crash PoC

No description provided by source. !/usr/bin/perl Title : Apple QuickTime Player 7.7.2 Division By Zero Version : 7.7.21680.56 Date : 2012-10-23 Vendor : http://www.apple.com Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Bug : ---- Don't forget...

Multiple Media Player HTTP DataHandler Overflow (Itunes, Quicktime, etc)

No description provided by source. ScaryMovie Exploit Study By: DrIDE October, 2009 There is a widespread failure in the way that .MOV files are handled by the Quicktime Library. I have attempted to compound my findings on this issue. Nearly every .MOV enabled application that I tested fell victi...

Apple QTJava toQTPointer() Arbitrary Memory Access

No description provided by source. $Id: qtjavapointer.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

QuickTime 7.5.5 / ITunes 8.0 - Remote off by one Crash Exploit

No description provided by source. Quicktime7.5.5/Itunes 8.0 Remote Heap Overflow Crash Vendor: http://www.apple.com/ Risk : high The ? quicktime type= ? tag fail to handle long strings, which can lead to a heap overflow in Quicktime/Itunes media player. This bug can be remote or local,...

Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution

No description provided by source. $Id: applequicktimemarshaledpunk.rb 11513 2011-01-08 00:25:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...

Apple Mac OS X 10.x .zip Parsing BOMStackPop() Function Overflow

No description provided by source. source: http://www.securityfocus.com/bid/17634/info Apple Mac OS X is reported prone to multiple security vulnerabilities. These issue affect Mac OS X and various applications including Safari, Preview, Finder, QuickTime, and BOMArchiveHelper. A remote attacker...

MacOS X QuickTime RTSP Content-Type Overflow

No description provided by source. $Id: quicktimertspcontenttype.rb 10617 2010-10-09 06:55:52Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

QuickTime Streaming Server parse_xml.cgi Remote Execution

No description provided by source. $Id: qtssparsexmlexec.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Apple QuickTime FLI LinePacket - Remote Code Execution Vulnerability

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-18-apple-quicktime-fli-linepacket-remote-code-execution-vulnerability/ ''' ''' Title : Apple QuickTime FLI...

Apple Quicktime plugin - Windows 4.1.2 (Japanese) Remote Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2328/info Apple Quicktime plugin for Windows is vulnerable to a remote buffer overflow. A maliciously-constructed web link statement in a remote HTML document, which contains excess data argumenting an EMBED tag, could...

Apple Quicktime 7 Invalid Atom Length Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Apple QuickTime 7.2/7.3 - RSTP Response Universal Exploit (win/osx)

No description provided by source. Copyright C 2007 Subreption LLC. All rights reserved. Visit http://blog.subreption.com for exploit development notes. References: http://www.milw0rm.com/exploits/4648 original Microsoft Windows code http://www.milw0rm.com/exploits/4651 recent Microsoft Windows...

Apple QuickTime <= 6.5.2.10 (.qtif) Image Parsing Vulnerability

No description provided by source. Added qtif on milw0rm's sploits archive/ /str0ke Application: QuickTime http://www.apple.com/quicktime/ AFFECTED VERSION: Versions verified to be vulnerable: QuickTime.qts 6.5.2.10 and prior versions are affected. The bug: The problem specifically exists when...

Apple QuickTime <= 7.1.5 Information Disclosure and Multiple Code Execution Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24873/info Apple QuickTime is prone to an information-disclosure and multiple remote code-execution vulnerabilities. Remote attackers may exploit these issues by enticing victims into opening maliciously crafted files or...

Joomla Component QuickTime VR 0.1 - Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w Joomla Component QuickTime VR v 0.1 Remote SQL Injection Found by : Houssamix From H-T Team H-T Team HouSSaMix + ToXiC350 Greetz : Mr.Al3FrItE & Islamic Security Team & Mounita20 & CoNaN and all musulmans hackers ComponentName: QuickTime VR...

Apple QuickTime <= 7.4.1 NULL Pointer Dereference Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35359/info Apple QuickTime is prone to a denial-of-service vulnerability. Note that an attacker will exploit this issue through the Safari browser by enticing a user to visit a malicious site. This will crash the user's...

Apple QuickTime 7.1.3 Plug-In Arbitrary Script Execution Weakness

No description provided by source. source: http://www.securityfocus.com/bid/20138/info Apple QuickTime plug-in is prone to an arbitrary-script-execution weakness when executing QuickTime Media Link files .qtl. An attacker can exploit this issue to execute arbitrary script code in the context of t...

Safari + Quicktime <= 7.3 RTSP Content-Type Remote BOF Exploit

No description provided by source. !/usr/bin/perl quickbite.pl Safari + Quicktime = 7.3 RTSP Content-Type overflow exploit for Mac OS X Intel Tested with OS X 10.4. On victim, browse to http://server:8080/ Binds shell on port 4444. by krafty greets to sk, halvar, grugq, and all the ethnical hacke...

Apple QuickTime Image Description Atom Sign Extension PoC

No description provided by source. print -----------BID 35166---------- print w3bd3vil at gmail dot com print Apple QuickTime Image Description Atom Sign Extension Vulnerability PoC print -----------BID 35166---------- bytes = 0x00, 0x00, 0x00, 0x08, 0x77, 0x69, 0x64, 0x65, 0x00, 0x02, 0xD6, 0x48...