CVE-2012-0663 – Apple Quicktime TeXML Karaoke Element Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0663
Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file. Múltiples desbordamientos de búfer basados en memoria dinámica en antes de Apple QuickTime v7.7.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de un archivo TeXML modificado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XML elements within a TeXML file. Specifically, when handling the karaoke XML element the code within QuickTime3GPP.qtx does not properly validate the length of the data within specific sub-fields. • https://www.exploit-db.com/exploits/19433 http://lists.apple.com/archives/security-announce/2012/May/msg00005.html http://support.apple.com/kb/HT5261 http://www.securityfocus.com/bid/53571 http://www.securitytracker.com/id?1027065 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16006 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-0667 – Apple QuickTime QTVR QTVRStringAtom Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0667
Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file. El error de signo de entero en Apple QuickTime antes de v7.7.2 en Windows permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de un archivo de película QTVR modificado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QuickTimeVR.qtx component. A signedness error exists when processing a QTVRStringAtom having an overly large "stringLength" parameter. • http://lists.apple.com/archives/security-announce/2012/May/msg00005.html http://support.apple.com/kb/HT5261 http://www.securityfocus.com/bid/53583 http://www.securitytracker.com/id?1027065 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15858 • CWE-189: Numeric Errors •
CVE-2012-0670 – Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0670
Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted sean atom in a movie file. Desbordamiento de entero en Apple QuickTime antes de v7.7.2 que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de un sean atom modificado en un archivo de película. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Quicktime.qts when parsing the 'sean' atom. The size specified in the atom's header is added to 0x0C and subsequently allocated. • http://lists.apple.com/archives/security-announce/2012/May/msg00005.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://support.apple.com/kb/HT5261 http://support.apple.com/kb/HT5501 http://www.securityfocus.com/bid/53582 http://www.securitytracker.com/id?1027065 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16111 • CWE-189: Numeric Errors •
CVE-2012-0671
https://notcve.org/view.php?id=CVE-2012-0671
Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file. Apple QuickTime antes de v7.7.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un archivo malicioso .pict • http://lists.apple.com/archives/security-announce/2012/May/msg00005.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://support.apple.com/kb/HT5261 http://support.apple.com/kb/HT5501 http://www.securityfocus.com/bid/53584 http://www.securitytracker.com/id?1027065 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15219 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2011-0256 – Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0256
Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted track run atoms in a QuickTime movie file. Desbordamiento de entero en Apple QuickTime anterior a v7.7 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de un track run atoms manipulado en el fichero de una película QuickTime. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles the 'trun' atom. Quicktime uses user supplied data in the 'sampleCount' field to calculate a buffer size. • http://support.apple.com/kb/HT4826 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16097 • CWE-189: Numeric Errors •