Lucene search
Damian PutZDI-10-250HistoryNov 10, 2010 - 12:00 a.m.
Apple Quicktime rec Chunk Parsing Remote Code Execution Vulnerability
2010-11-1000:00:00
Damian Put
www.zerodayinitiative.com
14
0.063 Low
EPSS
Percentile
93.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for parsing rec chunks within an AVI media file. By modifying specific values within the data structure a heap corruption condition can be triggered. An attacker can abuse this to execute arbitrary code under the context of the user running QuickTime.
Related
cve
cve
CVE-2010-3789
2010-11-16 22:00:16
cvelist
cvelist
CVE-2010-3789
2010-11-16 21:00:00
prion
prion
Memory corruption
2010-11-16 22:00:00
nvd
nvd
CVE-2010-3789
2010-11-16 22:00:16
nessus
nessus
QuickTime < 7.6.9 Multiple Vulnerabilities (Mac OS X)
2010-12-07 00:00:00
QuickTime < 7.6.9 Multiple Vulnerabilities
2010-12-07 00:00:00
QuickTime < 7.6.9 Multiple Vulnerabilities
2010-12-07 00:00:00
securityvulns
securityvulns
About the security content of QuickTime 7.6.9
2010-12-12 00:00:00
Apple QuickTime multiple security vulnerabilities
2011-07-04 00:00:00
Apple Mac OS X and QuickTime multiple security vulnerabilities
2013-11-18 00:00:00
openvas
openvas
Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
2011-09-07 00:00:00
Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
2011-09-07 00:00:00