Lucene search
CHkr_D591ZDI-12-125HistoryJul 12, 2012 - 12:00 a.m.
Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability
2012-07-1200:00:00
CHkr_D591
www.zerodayinitiative.com
14
EPSS
0.146
Percentile
95.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Quicktime.qts. The stack buffer overflow occurs as a result of an unbounded string copy function in Quicktime.qts, reachable through the IQTPluginControl::SetLanguage COM method exposed by the COM object QTPlugin.ocx. This vulnerability can be leveraged to execute code under the context of the user.
References
Related
checkpoint_advisories
checkpoint_advisories
Apple QuickTime Plugin SetLanguage Buffer Overflow (CVE-2012-0666)
2012-10-14 00:00:00
cvelist
cvelist
CVE-2012-0666
2012-05-16 01:00:00
securityvulns
securityvulns
ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability
2012-07-16 00:00:00
Apple QuickTime multiple security vulnerabilities
2012-08-27 00:00:00
APPLE-SA-2012-05-15-1 QuickTime 7.7.2
2012-05-21 00:00:00
saint
saint
Apple QuickTime SetLanguage Overflow
2012-07-25 00:00:00
Apple QuickTime SetLanguage Overflow
2012-07-25 00:00:00
Apple QuickTime SetLanguage Overflow
2012-07-25 00:00:00
cve
cve
CVE-2012-0666
2012-05-16 10:12:57
prion
prion
Stack overflow
2012-05-16 10:12:00
nvd
nvd
CVE-2012-0666
2012-05-16 10:12:57
seebug
seebug
Apple QuickTime 7.7.2之前版本多个远程任意代码执行漏洞
2012-05-17 00:00:00
nessus
nessus
QuickTime < 7.7.2 Multiple Vulnerabilities
2012-05-18 00:00:00
QuickTime < 7.7.2 Multiple Vulnerabilities
2012-05-18 00:00:00
QuickTime < 7.7.2 Multiple Vulnerabilities (Windows)
2012-05-16 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities - (Windows)
2012-05-18 00:00:00
Apple QuickTime Multiple Vulnerabilities - Windows
2012-05-18 00:00:00