Lucene search
AnonymousZDI-14-048HistoryApr 03, 2014 - 12:00 a.m.
Apple QuickTime ftab Atom Remote Code Execution Vulnerability
2014-04-0300:00:00
Anonymous
www.zerodayinitiative.com
18
0.04 Low
EPSS
Percentile
92.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the ftab atom. By providing an overly large font name, an attacker can overflow a fixed size stack buffer. An attacker could use this vulnerability to execute arbitrary code in the context of the user.
References
Related
cvelist
cvelist
CVE-2014-1246
2014-02-27 01:00:00
prion
prion
Buffer overflow
2014-02-27 01:55:00
nvd
nvd
CVE-2014-1246
2014-02-27 01:55:03
cve
cve
CVE-2014-1246
2014-02-27 01:55:03
checkpoint_advisories
checkpoint_advisories
Apple QuickTime ftab Atom Stack Buffer Overflow (CVE-2014-1246)
2014-05-04 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities (Mar 2014) - Windows
2014-03-04 00:00:00
Apple Mac OS X Multiple Vulnerabilities -04 (Sep 2014)
2014-09-22 00:00:00
kaspersky
kaspersky
KLA10016 Multiple vulnerabilities in Apple QuickTime
2014-02-25 00:00:00
securityvulns
securityvulns
Apple QuickTime multiple security vulnerabilities
2014-02-28 00:00:00
APPLE-SA-2014-02-25-3 QuickTime 7.7.5
2014-02-28 00:00:00
Apple Mac OS X multiple security vulnerabilities
2014-02-28 00:00:00
nessus
nessus
QuickTime < 7.7.5 Multiple Vulnerabilities (Windows)
2014-02-26 00:00:00
Mac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities
2014-02-25 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2014-001) (BEAST)
2014-02-25 00:00:00
seebug
seebug
Apple Mac OS X多个安全漏洞(APPLE-SA-2014-02-25-1)
2014-02-26 00:00:00