Lucene search
Matt "j00ru" JurczykZDI-11-315HistoryOct 27, 2011 - 12:00 a.m.
Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability
2011-10-2700:00:00
Matt "j00ru" Jurczyk
www.zerodayinitiative.com
23
EPSS
0.061
Percentile
93.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime decodes flic file. Flic files can contain FLC Delta Decompression block containing Run Length Encoded data. Quicktime fails to correctly checking the decompression size when decoding the RLE data. This allowes for a 4 byte overwrite past the end of the buffer which could result into remote code execution under the context of the current user.
References
Related
securityvulns
securityvulns
ZDI-11-315 : Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability
2011-10-31 00:00:00
Apple QuickTime multiple security vulnerabilities
2012-08-20 00:00:00
APPLE-SA-2011-10-26-1 QuickTime 7.7.1
2011-10-31 00:00:00
prion
prion
Buffer overflow
2011-10-28 02:49:00
cvelist
cvelist
CVE-2011-3249
2011-10-28 01:00:00
cve
cve
CVE-2011-3249
2011-10-28 02:49:53
nvd
nvd
CVE-2011-3249
2011-10-28 02:49:53
nessus
nessus
QuickTime < 7.7.1 Multiple Vulnerabilities
2011-10-27 00:00:00
QuickTime < 7.7.1 Multiple Vulnerabilities
2011-10-27 00:00:00
QuickTime < 7.7.1 Multiple Vulnerabilities (Windows)
2011-10-28 00:00:00
openvas
openvas
Apple QuickTime Multiple Denial of Service Vulnerabilities - Windows
2011-11-03 00:00:00
Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)
2011-11-03 00:00:00
Mac OS X Multiple Vulnerabilities (2012-001)
2012-02-06 00:00:00