CVE-2007-0712
https://notcve.org/view.php?id=CVE-2007-0712
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file. Desbordamiento de búfer basado en montón en Apple QuickTime anterior a 7.1.5 permite a atacantes remotos con la intervención del usuario provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un archivo MIDI manipulado. • http://docs.info.apple.com/article.html?artnum=305149 http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html http://osvdb.org/33904 http://secunia.com/advisories/24359 http://www.kb.cert.org/vuls/id/822481 http://www.securityfocus.com/bid/22827 http://www.securitytracker.com/id?1017725 http://www.us-cert.gov/cas/techalerts/TA07-065A.html http://www.vupen.com/english/advisories/2007/0825 https://exchange.xforce.ibmcloud.com/vulnerabilities/32816 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-0717
https://notcve.org/view.php?id=CVE-2007-0717
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file. Desbordamiento de búfer basado en montón en Apple QuickTime anterior a 7.1.5 permite a atacantes remotos con la intervención del usuario provocar una denegación de servicio (caída)y posiblemente ejecutar código de su elección mediante un archivo QTIF manipulado. • http://docs.info.apple.com/article.html?artnum=305149 http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html http://osvdb.org/33899 http://secunia.com/advisories/24359 http://www.kb.cert.org/vuls/id/410993 http://www.securityfocus.com/bid/22827 http://www.securitytracker.com/id?1017725 http://www.us-cert.gov/cas/techalerts/TA07-065A.html http://www.vupen.com/english/advisories/2007/0825 https://exchange.xforce.ibmcloud.com/vulnerabilities/32823 •
CVE-2007-0716
https://notcve.org/view.php?id=CVE-2007-0716
Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file. Desbordamiento de búfer basado en pila en Apple QuickTime anterior a 7.1.5 permite a atacantes remotos con la intervención del usuario provocar una denegación de servicio (caída)y posiblemente ejecutar código de su elección mediante un archivo QTIF manipulado. • http://docs.info.apple.com/article.html?artnum=305149 http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html http://osvdb.org/33900 http://secunia.com/advisories/24359 http://www.kb.cert.org/vuls/id/642433 http://www.securityfocus.com/bid/22827 http://www.securitytracker.com/id?1017725 http://www.us-cert.gov/cas/techalerts/TA07-065A.html http://www.vupen.com/english/advisories/2007/0825 https://exchange.xforce.ibmcloud.com/vulnerabilities/32822 •
CVE-2007-0711
https://notcve.org/view.php?id=CVE-2007-0711
Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file. Desbordamiento de entero en Apple QuickTime anterior a 7.1.5, cuando está instalado en un sistema operativo Windows, permite a atacantes remotos con la intervención del usuario provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un archivo de video 3GP manipulado. • http://docs.info.apple.com/article.html?artnum=305149 http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html http://osvdb.org/33905 http://secunia.com/advisories/24359 http://www.kb.cert.org/vuls/id/568689 http://www.securityfocus.com/bid/22827 http://www.securitytracker.com/id?1017725 http://www.us-cert.gov/cas/techalerts/TA07-065A.html http://www.vupen.com/english/advisories/2007/0825 https://exchange.xforce.ibmcloud.com/vulnerabilities/32814 • CWE-189: Numeric Errors •
CVE-2007-0714 – Apple Quicktime UDTA Parsing Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-0714
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value. Un desbordamiento de enteros en Apple QuickTime anterior a la versión 7.1.5 permite a atacantes remotos asistidos por el usuario causar una denegación de servicio (bloqueo) y posiblemente ejecutar código arbitrario por medio de una película QuickTime creada con un User Data Atom (UDTA) con un campo Atom size con un valor largo. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of forged size fields in user-defined data atoms (UDTA). By setting this field to an overly large value, an integer overflow occurs resulting in an exploitable heap overflow. • http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0003.html http://docs.info.apple.com/article.html?artnum=305149 http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html http://osvdb.org/33902 http://secunia.com/advisories/24359 http://secway.org/advisory/AD20070306.txt http://www.kb.cert.org/vuls/id/861817 http://www.securityfocus.com/archive/1/461999/100/0/threaded http://www.securityfocus.com/archive/1/462153/100/0/threaded http://www. • CWE-189: Numeric Errors •