Page 17 of 186 results (0.003 seconds)

CVSS: 9.3EPSS: 4%CPEs: 52EXPL: 0

Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file. Apple QuickTime anterior v7.6.9 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria y caída aplicación) a través de un fichero PICT manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses directBitsRect records within a .pict file. When decompressing data within this structure, the application will allocate space for the target buffer using fields described within the file and then use a different length to decompress the total data from the file. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=882 http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html http://osvdb.org/69754 http://support.apple.com/kb/HT4447 http://www.securitytracker.com/id?1024830 http://zerodayinitiative.com/advisories/ZDI-10-261 http://zerodayinitiative.com/advisories/ZDI-10-262 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15859 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 5%CPEs: 52EXPL: 0

Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file. Error de presencia de signo (signedness) de entero en Apple QuickTime anterior v7.6.9 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un atom panorama manipulado en un fichero QuickTime Virtual Reality (QTVR) This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that a user must be coerced into visiting a malicious page or opening a malicious file. The specific flaw exists within Apple's support for Panoramic Images and occurs due to the application trusting a particular field for calculation of an offset. Due to the field being treated as a signed integer, the calculated offset can result in a pointer outside the bounds of the expected buffer. Upon usage of this out-of-bounds pointer, the application will write proceed to write image data to the invalid location. • http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://osvdb.org/69756 http://support.apple.com/kb/HT4447 http://support.apple.com/kb/HT4581 http://www.securitytracker.com/id?1024830 http://zerodayinitiative.com/advisories/ZDI-10-260 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16105 • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 7%CPEs: 54EXPL: 0

Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms. Desbordamiento de búfer basado en memoria dinámica en Apple QuickTime anterior v7.6.9 en Windows permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída aplicación) a través del delTrack Header manipualdo (conocido como tkhd). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Quicktime.qts module responsible for parsing media files. While handling 3GP streams a function within this module a loop trusts a value directly from the media file and uses it during memory copy operations. • http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html http://secunia.com/secunia_research/2010-72 http://support.apple.com/kb/HT4447 http://www.securitytracker.com/id?1024830 http://zerodayinitiative.com/advisories/ZDI-10-258 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15625 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 4%CPEs: 52EXPL: 0

Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file. Apple QuickTime en versiones anteriores a la 7.6.9 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) mediante un fichero FlashPix manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required in that a user must be coerced into opening up a malicious document or visiting a malicious website. The specific flaw exists within the way the application parses a particular property out of a flashpix file. The application will explicitly trust a field in the property as a length for a loop over an array of data structures. • http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://osvdb.org/69755 http://support.apple.com/kb/HT4447 http://support.apple.com/kb/HT4581 http://www.securitytracker.com/id?1024830 http://zerodayinitiative.com/advisories/ZDI-10-259 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15642 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 47%CPEs: 101EXPL: 1

Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. Desbordamiento de buffer basado en pila en la funcionalidad "error-logging" de Apple QuickTime en versiones anteriores a la v7.6.7 en Windows permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de un fichero de video modificado. • https://www.exploit-db.com/exploits/16558 http://lists.apple.com/archives/security-announce/2010//Aug/msg00002.html http://support.apple.com/kb/HT4290 http://www.securityfocus.com/bid/41962 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11800 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •