CVE-2010-1799 – Apple QuickTime 7.6.6 - Invalid SMIL URI Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-1799
Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. Desbordamiento de buffer basado en pila en la funcionalidad "error-logging" de Apple QuickTime en versiones anteriores a la v7.6.7 en Windows permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de un fichero de video modificado. • https://www.exploit-db.com/exploits/16558 http://lists.apple.com/archives/security-announce/2010//Aug/msg00002.html http://support.apple.com/kb/HT4290 http://www.securityfocus.com/bid/41962 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11800 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-0528 – Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0528
Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length value. QuickTime de Apple anterior a versión 7.6.6 sobre Windows, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y bloqueo de aplicación) por medio de tablas de color especialmente diseñadas en un archivo de película, relacionadas con datos de MediaVideo malformado, un átomo de descripción de muestra (STSD) y un valor de longitud especialmente diseñado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of malformed MediaVideo data from a sample description atom (STSD). The application will read a length from the file, subtract 1 and then use it as a counter for a loop. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html http://www.securityfocus.com/archive/1/510518/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-042 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6989 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-2203
https://notcve.org/view.php?id=CVE-2009-2203
Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file. Desbordamiento de búfer en Apple QuickTime en versiones anteriores a la v7.6.4 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de un fichero de video MPEG-4 modificado. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00002.html http://support.apple.com/kb/HT3859 http://support.apple.com/kb/HT3937 http://www.securityfocus.com/bid/36328 http://www.vupen.com/english/advisories/2009/3184 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5672 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-2202
https://notcve.org/view.php?id=CVE-2009-2202
Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file. Apple QuickTime anterior a v7.6.4, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un fichero de película H.264 manipulado. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00002.html http://support.apple.com/kb/HT3859 http://support.apple.com/kb/HT3937 http://www.securityfocus.com/bid/36328 http://www.vupen.com/english/advisories/2009/3184 https://exchange.xforce.ibmcloud.com/vulnerabilities/53127 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5467 •
CVE-2009-2798 – Apple QuickTime FlashPix Sector Size Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-2798
Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. Desbordamiento de búfer basado en memoria dinámica (heap) en Apple QuickTime anterior a v7.6.4, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (Caída de aplicación) a través de un archivo FlashPix manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of malformed FlashPix (.fpx) files. While parsing the SectorShift and cSectFat fields from the header, the application will multiply 2 user-controlled 32-bit values and utilize this for an allocation. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00002.html http://support.apple.com/kb/HT3859 http://support.apple.com/kb/HT3937 http://www.securityfocus.com/bid/36328 http://www.vupen.com/english/advisories/2009/3184 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6258 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •