Page 28 of 137 results (0.005 seconds)

CVSS: 7.5EPSS: 79%CPEs: 1EXPL: 2

Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods. Múltiples vulnerabilidades de desbordamiento de búfer basado en pila en ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 y anteriores, permite a atacantes remotos causar una denegación de servicio y la posibilidad de ejecutar código de su elección a través de argumentos largos a los métodos: (1) setBgColor, (2) SetHREF, (3) SetMovieNAme, (4) SetTarget, y SetMatrix. • https://www.exploit-db.com/exploits/5110 http://securityreason.com/securityalert/3652 http://www.securityfocus.com/archive/1/488045/100/0/threaded http://www.securityfocus.com/bid/27769 https://exchange.xforce.ibmcloud.com/vulnerabilities/40475 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 62%CPEs: 1EXPL: 0

Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with Image Descriptor (IDSC) atoms containing an invalid atom size, which triggers memory corruption. Una vulnerabilidad no especificada en Apple QuickTime versiones anteriores a 7.4, permite a los atacantes remotos causar una denegación de servicio (finalización de aplicación) y ejecutar código arbitrario por medio de un archivo de película con átomos de Image Descriptor (IDSC) que contiene un tamaño de átomo no válido, lo que desencadena una corrupción de la memoria. • http://docs.info.apple.com/article.html?artnum=307301 http://dvlabs.tippingpoint.com/advisory/TPTI-08-01 http://lists.apple.com/archives/security-announce/2008/Jan/msg00001.html http://secunia.com/advisories/28502 http://www.securityfocus.com/archive/1/486413/100/0/threaded http://www.securityfocus.com/bid/27299 http://www.securitytracker.com/id?1019221 http://www.us-cert.gov/cas/techalerts/TA08-016A.html http://www.vupen.com/english/advisories/2008/0148 https://exchange • CWE-399: Resource Management Errors •