Search...

Apple QuickTime 6.4/6.5/7.0.x PictureViewer JPEG/PICT File Buffer Overflow Vulnerability

2014-07-01T00:00:00

ID SSV:80689
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/16212/info

Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to finite-sized process buffers.

An attacker may be able to exploit this issue to execute arbitrary machine code in the context of the affected application, but this has not been confirmed. Unsuccessful exploit attempts will most likely crash the application.

This issue affects QuickTime 6.5.2 and 7.0.3; other versions may also be vulnerable. QuickTime 7.0.4 may also be vulnerable, but this has not been confirmed.

This issue may have previously been discussed in BID 16202 (Apple QuickTime Multiple Code Execution Vulnerabilities). 

http://www.exploit-db.com/sploits/27069.jpg

JSON Vulners Source

Initial Source

{"href": "https://www.seebug.org/vuldb/ssvid-80689", "status": "cve,poc", "bulletinFamily": "exploit", "modified": "2014-07-01T00:00:00", "title": "Apple QuickTime 6.4/6.5/7.0.x PictureViewer JPEG/PICT File Buffer Overflow Vulnerability", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-80689", "cvelist": [], "description": "No description provided by source.", "viewCount": 3, "published": "2014-07-01T00:00:00", "sourceData": "\n source: http://www.securityfocus.com/bid/16212/info\r\n\r\nApple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to finite-sized process buffers.\r\n\r\nAn attacker may be able to exploit this issue to execute arbitrary machine code in the context of the affected application, but this has not been confirmed. Unsuccessful exploit attempts will most likely crash the application.\r\n\r\nThis issue affects QuickTime 6.5.2 and 7.0.3; other versions may also be vulnerable. QuickTime 7.0.4 may also be vulnerable, but this has not been confirmed.\r\n\r\nThis issue may have previously been discussed in BID 16202 (Apple QuickTime Multiple Code Execution Vulnerabilities). \r\n\r\nhttp://www.exploit-db.com/sploits/27069.jpg\n ", "id": "SSV:80689", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T14:06:10", "reporter": "Root", "enchantments": {"score": {"value": -0.0, "vector": "NONE", "modified": "2017-11-19T14:06:10", "rev": 2}, "dependencies": {"references": [], "modified": "2017-11-19T14:06:10", "rev": 2}, "vulnersScore": -0.0}, "references": []}