Page 30 of 200 results (0.016 seconds)

CVSS: 5.8EPSS: 9%CPEs: 1EXPL: 0

Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption. Apple QuickTime before 7.4 permite a atacantes remotos ejecutar código de su elección a través de un archivo de película que contiene un registro Macintosh Resource con valor de longitud modificado en la cabecera del recurso, el cual dispara una corrupción de pila. • http://docs.info.apple.com/article.html?artnum=307301 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=642 http://lists.apple.com/archives/security-announce/2008/Jan/msg00001.html http://secunia.com/advisories/28502 http://www.securityfocus.com/bid/27301 http://www.securitytracker.com/id?1019221 http://www.us-cert.gov/cas/techalerts/TA08-016A.html http://www.vupen.com/english/advisories/2008/0148 https://exchange.xforce.ibmcloud.com/vulnerabilities/39696 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 62%CPEs: 1EXPL: 0

Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with Image Descriptor (IDSC) atoms containing an invalid atom size, which triggers memory corruption. Una vulnerabilidad no especificada en Apple QuickTime versiones anteriores a 7.4, permite a los atacantes remotos causar una denegación de servicio (finalización de aplicación) y ejecutar código arbitrario por medio de un archivo de película con átomos de Image Descriptor (IDSC) que contiene un tamaño de átomo no válido, lo que desencadena una corrupción de la memoria. • http://docs.info.apple.com/article.html?artnum=307301 http://dvlabs.tippingpoint.com/advisory/TPTI-08-01 http://lists.apple.com/archives/security-announce/2008/Jan/msg00001.html http://secunia.com/advisories/28502 http://www.securityfocus.com/archive/1/486413/100/0/threaded http://www.securityfocus.com/bid/27299 http://www.securitytracker.com/id?1019221 http://www.us-cert.gov/cas/techalerts/TA08-016A.html http://www.vupen.com/english/advisories/2008/0148 https://exchange • CWE-399: Resource Management Errors •

CVSS: 6.8EPSS: 8%CPEs: 1EXPL: 0

Buffer overflow in Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a crafted compressed PICT image, which triggers the overflow during decoding. Desbordamiento de búfer en Apple QuickTime anterior a 7.4 permite a atacantes remotos ejecutar código de su elección a través de una imagen comprimida manipulada PICT, el cual dispara el desbordamiento durante la decodificación. • http://docs.info.apple.com/article.html?artnum=307301 http://lists.apple.com/archives/security-announce/2008//Jul/msg00000.html http://lists.apple.com/archives/security-announce/2008/Jan/msg00001.html http://secunia.com/advisories/28502 http://secunia.com/advisories/31034 http://www.securityfocus.com/bid/27300 http://www.securitytracker.com/id?1019221 http://www.us-cert.gov/cas/techalerts/TA08-016A.html http://www.vupen.com/english/advisories/2008/0148 http://www.vupen. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.8EPSS: 4%CPEs: 1EXPL: 0

Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Sorenson 3 video file, which triggers memory corruption. Vulnerabilidad no especificada en Apple QuickTime anterior a 7.4 permite a atacantes remotos provocar denegación de servicio (fin de la aplicación) y ejecutar código de su elección a través de un archivo de video manipulado Sorenson 3, el cual dispara corrupción de memoria. • http://docs.info.apple.com/article.html?artnum=307301 http://lists.apple.com/archives/security-announce/2008/Jan/msg00001.html http://secunia.com/advisories/28502 http://www.securityfocus.com/bid/27298 http://www.securitytracker.com/id?1019221 http://www.us-cert.gov/cas/techalerts/TA08-016A.html http://www.vupen.com/english/advisories/2008/0148 https://exchange.xforce.ibmcloud.com/vulnerabilities/39695 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 3%CPEs: 1EXPL: 0

Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary code or have other unspecified impacts via a crafted QuickTime movie. Múltiples vulnerabilidades sin especificar en el manejador Flash de Apple QuickTime, en versiones anteriores a la 7.3.1, permite que atacantes remotos ejecuten código a su elección, o que se produzcan otros impactos no especificados a través de películas QuickTime manipuladas. • http://docs.info.apple.com/article.html?artnum=307176 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html http://secunia.com/advisories/28092 http://www.securityfocus.com/bid/26866 http://www.securitytracker.com/id?1019099 http://www.vupen.com/english/advisories/2007/4217 https://exchange.xforce.ibmcloud.com/vulnerabilities/39030 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •