CVE-2008-0778 – QuickTime 7.4.1 - 'QTPlugin.ocx' Multiple Stack Overflow Vulnerabilities

https://notcve.org/view.php?id=CVE-2008-0778

Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods. Múltiples vulnerabilidades de desbordamiento de búfer basado en pila en ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 y anteriores, permite a atacantes remotos causar una denegación de servicio y la posibilidad de ejecutar código de su elección a través de argumentos largos a los métodos: (1) setBgColor, (2) SetHREF, (3) SetMovieNAme, (4) SetTarget, y SetMatrix. • https://www.exploit-db.com/exploits/5110 http://securityreason.com/securityalert/3652 http://www.securityfocus.com/archive/1/488045/100/0/threaded http://www.securityfocus.com/bid/27769 https://exchange.xforce.ibmcloud.com/vulnerabilities/40475 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •