CVSS: 9.3EPSS: 28%CPEs: 64EXPL: 0CVE-2012-0670 – Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0670
Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted sean atom in a movie file. Desbordamiento de entero en Apple QuickTime antes de v7.7.2 que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de un sean atom modificado en un archivo de película. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Quicktime.qts when parsing the 'sean' atom. The size specified in the atom's header is added to 0x0C and subsequently allocated. • http://lists.apple.com/archives/security-announce/2012/May/msg00005.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://support.apple.com/kb/HT5261 http://support.apple.com/kb/HT5501 http://www.securityfocus.com/bid/53582 http://www.securitytracker.com/id?1027065 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16111 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 10%CPEs: 64EXPL: 0CVE-2012-0671
https://notcve.org/view.php?id=CVE-2012-0671
Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file. Apple QuickTime antes de v7.7.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un archivo malicioso .pict • http://lists.apple.com/archives/security-announce/2012/May/msg00005.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://support.apple.com/kb/HT5261 http://support.apple.com/kb/HT5501 http://www.securityfocus.com/bid/53584 http://www.securitytracker.com/id?1027065 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15219 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 2%CPEs: 32EXPL: 0CVE-2011-0256 – Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0256
Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted track run atoms in a QuickTime movie file. Desbordamiento de entero en Apple QuickTime anterior a v7.7 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de un track run atoms manipulado en el fichero de una película QuickTime. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles the 'trun' atom. Quicktime uses user supplied data in the 'sampleCount' field to calculate a buffer size. • http://support.apple.com/kb/HT4826 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16097 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 95%CPEs: 32EXPL: 2CVE-2011-0257 – Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0257
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow. Error de signo de entero en Apple QuickTime anterior a v7.7 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de la aplicación) a través de un código de operación PnSize manipulado en un archivo PICT provocando un desbordamiento de búfer basado en pila. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles the PnSize PICT opcode. It converts an unsigned 16 bit value into a signed 32 bit value. • https://www.exploit-db.com/exploits/17777 http://securityreason.com/securityalert/8365 http://support.apple.com/kb/HT4826 http://www.exploit-db.com/exploits/17777 http://zerodayinitiative.com/advisories/ZDI-11-252 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16059 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 9%CPEs: 32EXPL: 0CVE-2011-0252 – Apple QuickTime STTS atom Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0252
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STTS atoms in a QuickTime movie file. Desbordamiento de buffer basado en memoria dinámica en Apple QuickTime en versiones anteriores a 7.7 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de la aplicación) a través de atoms STTS modificados en un archivo de película QuickTime. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles invalid Sample Duration values in the Time-To-Sample atoms. This value is used in the calculation of a loop counter. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html http://support.apple.com/kb/HT5002 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15884 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •