CVE-2012-3751

CVE-2012-3751 (Apple QuickTime) : A use-after-free in the QuickTime plugin’s handling of qtactivex parameters within an HTML OBJECT can allow remote code execution or crash the application. Affected: Apple QuickTime before 7.7.3. Exploitation vector: crafted HTML document. Mitigation: upgrade to ...

CVE-2012-3758

CVE-2012-3758 affects Apple QuickTime before 7.7.3. A buffer overflow in handling the transform attribute of text3GTrack TeXML files can allow remote code execution or cause an application crash (DoS). Public references confirm vulnerability details and mention upgrading to QuickTime 7.7.3 as rem...

CVE-2012-3755

Apple QuickTime contains a buffer overflow in the handling of Targa image files, affecting versions before 7.7.3. Successful exploitation can lead to arbitrary code execution or application crash. Remediation: upgrade to QuickTime 7.7.3 as per Apple advisory APPLE-SA-2012-11-07-1.

CVE-2011-1374

CVE-2011-1374 refers to a buffer overflow in Apple QuickTime prior to 7.7.3, affecting Windows. The root cause is improper handling of REGION records in PICT files, leading to potential remote code execution or application crash (denial of service). The affected product is Apple QuickTime for Win...

CVE-2012-3752

CVE-2012-3752: Apple QuickTime before 7.7.3 has multiple buffer overflows in TeXML style elements, allowing remote attackers to cause arbitrary code execution or a denial of service via a crafted TeXML file. Public materials reference a 7.7.2/7.7.3 window and show exploit notes (Metasploit module...

CVE-2012-3753

CVE-2012-3753 is a buffer overflow vulnerability in the Apple QuickTime plugin's handling of MIME types (Content-Type) prior to 7.7.3. The issue allows remote attackers to cause an application crash or execute arbitrary code. Public references in the provided documents include NVD, CPAI-2013-1665...

CVE-2012-3757

Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted PICT file...

CVE-2012-3756

CVE-2012-3756 : Apple QuickTime before 7.7.3 contains a heap/bounds-checking vulnerability in the parsing of QuickTime rnet boxes inside MP4 files. A remote attacker could craft a movie file to trigger a buffer overflow, potentially allowing arbitrary code execution or an application crash. Publi...

CVE-2012-3756

Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted rnet box in an MP4 movie file...

CVE-2012-3754

Affected software: Apple QuickTime for Windows (ActiveX control). Issue: Use-after-free in Clear() method of the QuickTime ActiveX control, leading to remote code execution or denial of service. Root cause: incorrect handling in the Clear method as described in CVE-2012-3754. Impact: arbitrary co...

Apple QuickTime Multiple Vulnerabilities - Nov12 (Windows)

This host is installed with Apple QuickTime and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbapplequicktimemultvulnnov12win.nasl 5931 2017-04-11 09:02:04Z teissa $ Apple QuickTime Multiple Vulnerabilities - Nov12 Windows Authors: Rachana Shetty Copyright: Copyright c 20...

Apple QuickTime 7.7.3之前版本多个任意代码执行漏洞

BUGTRAQ ID: 56438 CVE ID: CVE-2011-1374,CVE-2012-3751,CVE-2012-3752,CVE-2012-3753,CVE-2012-3754,CVE-2012-3755,CVE-2012-3756,CVE-2012-3757,CVE-2012-3758 QuickTime是由苹果电脑所开发的一种多媒体架构，能够处理许多的数字视频、媒体段落、音效、文字、动画、音乐格式，以及交互式全景影像的数项类型。 QuickTime 7.7.3之前版本存在多个安全漏洞，在处理特制的文件时，可允许攻击者以当前登录用户权限执行任意代码。...

Apple QuickTime Multiple Vulnerabilities (Nov 2012) - Windows

Apple QuickTime is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:quicktime";...

Apple QuickTime multiple security vulnerabilities

Multiple memory corruptions on different file formats and server responses parsing and in ActiveX components...

Apple Fixes Critical Flaws in QuickTime 7.7.3

Apple has fixed nine vulnerabilities in its QuickTime media player software, all of which can be used to execute arbitrary code on vulnerable machines. Several of the flaws are buffer overflows, and users who still run QuickTime should update it as soon as possible. The patch for QuickTime is for...

Apple QuickTime Player 7.7.2 Crash

!/usr/bin/perl Title : Apple QuickTime Player 7.7.2 Division By Zero Version : 7.7.21680.56 Date : 2012-10-23 Vendor : http://www.apple.com Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Bug : ---- Don't forget that exploitable bugs will be...

Apple QuickTime Player 7.7.2 - Crash (PoC)

Apple QuickTime Player 7.7.2 - Crash PoC !/usr/bin/perl Title : Apple QuickTime Player 7.7.2 Division By Zero Version : 7.7.21680.56 Date : 2012-10-23 Vendor : http://www.apple.com Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Bug : ---- Don't...

Apple QuickTime Player 7.7.2 - Crash (PoC)

!/usr/bin/perl Title : Apple QuickTime Player 7.7.2 Division By Zero Version : 7.7.21680.56 Date : 2012-10-23 Vendor : http://www.apple.com Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Bug : ---- Don't forget that exploitable bugs will be...

Apple QuickTime Player 7.7.2 Division By Zero

Division by zero vulnerability during the handling of the .mov files. That will trigger a denial of service condition Title : Apple QuickTime Player suffers from Division By Zero Version : 7.7.21680.56 Date : 2012-10-23 Vendor : http://www.apple.com Impact : Med/High Contact : coolkaveh at...

Apple QuickTime TeXML Transform Attribute Parsing Buffer Overflow (CVE-2012-0663)

A stack buffer overflow vulnerability has been reported in Apple QuickTime...