Page 26 of 186 results (0.004 seconds)

CVSS: 6.8EPSS: 5%CPEs: 1EXPL: 0

CVE-2008-1015

https://notcve.org/view.php?id=CVE-2008-1015

Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie. Desbordamiento de búfer en el tratamiento de datos de referencia Atom en Apple QuickTime antes de 7.4.5 permite a atacantes remotos ejecutar código de su elección a través de una película manipulada. • http://lists.apple.com/archives/security-announce/2008//Jul/msg00000.html http://secunia.com/advisories/29650 http://secunia.com/advisories/31034 http://securitytracker.com/id?1019759 http://support.apple.com/kb/HT1241 http://www.securityfocus.com/bid/28583 http://www.us-cert.gov/cas/techalerts/TA08-094A.html http://www.vupen.com/english/advisories/2008/1078 http://www.vupen.com/english/advisories/2008/2064/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41604 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 4%CPEs: 1EXPL: 0

CVE-2008-1016

https://notcve.org/view.php?id=CVE-2008-1016

Apple QuickTime before 7.4.5 does not properly handle movie media tracks, which allows remote attackers to execute arbitrary code via a crafted movie that triggers memory corruption. Apple QuickTime antes de 7.4.5 no maneja adecuadamente las pistas de video, lo que permite a atacantes remotos ejecutar código de su elección a través de una película manipulada lo que provoca corrupción de la memoria • http://secunia.com/advisories/29650 http://securitytracker.com/id?1019760 http://support.apple.com/kb/HT1241 http://www.securityfocus.com/bid/28583 http://www.us-cert.gov/cas/techalerts/TA08-094A.html http://www.vupen.com/english/advisories/2008/1078 https://exchange.xforce.ibmcloud.com/vulnerabilities/41605 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.8EPSS: 3%CPEs: 1EXPL: 0

CVE-2008-1023

https://notcve.org/view.php?id=CVE-2008-1023

Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file. Desbordamiento de búfer en el opcode de análisis sintáctico Clip de Apple QuickTime antes de 7.4.5 en Windows permite a atacantes remotos ejecutar código de su elección a través de un archivo de imagen PICT manipulado. • http://secunia.com/advisories/29650 http://securitytracker.com/id?1019767 http://support.apple.com/kb/HT1241 http://www.securityfocus.com/bid/28583 http://www.us-cert.gov/cas/techalerts/TA08-094A.html http://www.vupen.com/english/advisories/2008/1078 https://exchange.xforce.ibmcloud.com/vulnerabilities/41615 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 20%CPEs: 1EXPL: 0

CVE-2008-1017 – Apple QuickTime Clipping Region Heap Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2008-1017

Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie. Desbordamiento de búfer basado en montículo en el manejo atom de la región de saturación (aka crgn) en quicktime.qts en Apple QuickTime antes de 7.4.5 permite a atacantes remotos ejecutar código de su elección a través de una película manipulada. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the quicktime.qts library. The vulnerability resides in the component's parsing of 'crgn' atoms. • http://lists.apple.com/archives/security-announce/2008//Jul/msg00000.html http://secunia.com/advisories/29650 http://secunia.com/advisories/31034 http://securitytracker.com/id?1019761 http://support.apple.com/kb/HT1241 http://www.securityfocus.com/archive/1/490460/100/0/threaded http://www.securityfocus.com/bid/28583 http://www.us-cert.gov/cas/techalerts/TA08-094A.html http://www.vupen.com/english/advisories/2008/1078 http://www.vupen.com/english/advisories/2008/2064& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 26%CPEs: 1EXPL: 0

CVE-2008-1018 – Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2008-1018

Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor (aka chan) atom. Desbordamiento de búfer basado en montículo en Apple QuickTime antes de 7.4.5 permite a atacantes remotos ejecutar código de su elección a través de una película MP4A con un átomo canal Compositor (aka chan) mal formado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the parsing of the QuickTime Channel Compositor atom. When the movie file contains a malformed 'chan' atom, a heap corruption occurs resulting in the execution of arbitrary code. • http://lists.apple.com/archives/security-announce/2008//Jul/msg00000.html http://secunia.com/advisories/29650 http://secunia.com/advisories/31034 http://securitytracker.com/id?1019762 http://support.apple.com/kb/HT1241 http://www.securityfocus.com/archive/1/490467/100/0/threaded http://www.securityfocus.com/bid/28583 http://www.us-cert.gov/cas/techalerts/TA08-094A.html http://www.vupen.com/english/advisories/2008/1078 http://www.vupen.com/english/advisories/2008/2064& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •