Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:23138
HistoryOct 27, 2011 - 12:00 a.m.

Apple Mac OS X CoreMedia H.264编码视频文件缓冲区溢出漏洞

2011-10-2700:00:00
Root
www.seebug.org
20

0.053 Low

EPSS

Percentile

92.2%

JSON

BUGTRAQ ID: 50068
CVE ID: CVE-2011-3219

Mac OS X是苹果家族机器所使用的操作系统。

Apple Mac OS X在实现上存在缓冲区溢出漏洞,此漏洞可影响CoreMedia组件,允许攻击者以当前用户权限执行任意代码。

当解析H.264流的Sequence Parameter Set数据时,会读取帧剪裁偏移字段,当这些字段包含错误数据时,Quicktime会最终在视频流所分配的缓冲区之外写入,造成任意代码执行。

Apple Mac OS X 10.x
Apple MacOS X Server 10.6.x
厂商补丁:

Apple

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://support.apple.com/

Related

securityvulns 7
zdi 1
prion 1
cve 1
nessus 7
openvas 6
seebug 1
securityvulns
securityvulns
ZDI-11-303 : Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability
2011-10-31 00:00:00
APPLE-SA-2011-10-26-1 QuickTime 7.7.1
2011-10-31 00:00:00
Apple QuickTime multiple security vulnerabilities
2012-08-20 00:00:00
zdi
zdi
Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability
2011-10-26 00:00:00
prion
prion
Buffer overflow
2011-10-12 18:55:00
cve
cve
CVE-2011-3219
2011-10-12 18:55:00
nessus
nessus
QuickTime < 7.7.1 Multiple Vulnerabilities
2011-10-27 00:00:00
QuickTime < 7.7.1 Multiple Vulnerabilities
2011-10-27 00:00:00
QuickTime < 7.7.1 Multiple Vulnerabilities (Windows)
2011-10-28 00:00:00
openvas
openvas
Apple QuickTime Multiple Denial of Service Vulnerabilities - Windows
2011-11-03 00:00:00
Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)
2011-11-03 00:00:00
Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
2011-10-20 00:00:00
seebug
seebug
Apple iTunes多个安全漏洞
2011-10-13 00:00:00

0.053 Low

EPSS

Percentile

92.2%

JSON
Related for SSV:23138
securityvulns7zdi1prion1cve1nessus7openvas6seebug1