Page 31 of 200 results (0.004 seconds)

CVSS: 6.8EPSS: 8%CPEs: 1EXPL: 0

Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file. Desbordamiento de búfer basado en pila en Apple QuickTime anterior a 7.3.1 permite a atacantes remotos ejecutar código de su elección mediante un fichero QTL artesanal. • http://docs.info.apple.com/article.html?artnum=307176 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html http://osvdb.org/40883 http://secunia.com/advisories/28092 http://www.securityfocus.com/bid/26868 http://www.securitytracker.com/id?1019099 http://www.vupen.com/english/advisories/2007/4217 https://exchange.xforce.ibmcloud.com/vulnerabilities/39029 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 96%CPEs: 40EXPL: 8

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. Un desbordamiento de búfer en la región stack de la memoria en Apple QuickTime anterior a la versión 7.3.1, como es usado en QuickTime Player en Windows XP y Safari en Mac OS X, permite a servidores remotos de Real Time Streaming Protocol (RTSP) ejecutar código arbitrario por medio de una respuesta RTSP con un encabezado Content-Type largo. • https://www.exploit-db.com/exploits/4648 https://www.exploit-db.com/exploits/16873 https://www.exploit-db.com/exploits/6013 https://www.exploit-db.com/exploits/4657 https://www.exploit-db.com/exploits/4664 https://www.exploit-db.com/exploits/4651 https://www.exploit-db.com/exploits/11027 https://www.exploit-db.com/exploits/16424 http://docs.info.apple.com/article.html?artnum=307176 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html http:/& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 10%CPEs: 6EXPL: 0

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor (STSD) atoms in a movie file. Desbordamiento de búfer basado en montículo en Apple QuickTime anterior a 7.3 permite a atacantes remotos ejecutar código de su elección mediante átomos Sample Table Sample Descriptor (STSD) manipulados en un archivo de película. • http://docs.info.apple.com/article.html?artnum=306896 http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html http://osvdb.org/38549 http://secunia.com/advisories/27523 http://www.securityfocus.com/bid/26341 http://www.securitytracker.com/id?1018894 http://www.us-cert.gov/cas/techalerts/TA07-310A.html http://www.vupen.com/english/advisories/2007/3723 https://exchange.xforce.ibmcloud.com/vulnerabilities/38268 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 11%CPEs: 1EXPL: 0

Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption." Vulnerabilidad no especificada en Apple QuickTime anterior a 7.3 permite a atacantes remotos ejecutar código de su elección mediante un átomo de descripción de imagen (image description atom) manipulado en un archivo de película, relacionado con "corrupción de memoria". • http://docs.info.apple.com/article.html?artnum=306896 http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html http://osvdb.org/38550 http://secunia.com/advisories/27523 http://www.kb.cert.org/vuls/id/797875 http://www.securityfocus.com/bid/26340 http://www.securitytracker.com/id?1018894 http://www.us-cert.gov/cas/techalerts/TA07-310A.html http://www.vupen.com/english/advisories/2007/3723 https://exchange.xforce.ibmcloud.com/vulnerabilities/38266 •

CVSS: 9.3EPSS: 80%CPEs: 6EXPL: 0

Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors. Vulnerabilidad no especificada en QuickTime para Java de Apple QuickTime anterior a 7.3 permite a atacantes remotos ejecutar código de su elección mediante applets Java no confiables que obtienen privilegios a través de vectores no especificados. • http://docs.info.apple.com/article.html?artnum=306896 http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html http://osvdb.org/38548 http://secunia.com/advisories/27523 http://www.kb.cert.org/vuls/id/319771 http://www.securityfocus.com/bid/26339 http://www.securitytracker.com/id?1018894 http://www.us-cert.gov/cas/techalerts/TA07-310A.html http://www.vupen.com/english/advisories/2007/3723 https://exchange.xforce.ibmcloud.com/vulnerabilities/38271 •