CVSS: 10.0EPSS: 4%CPEs: 6EXPL: 0CVE-2010-0516 – Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0516
Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding, which triggers memory corruption when the length of decompressed data exceeds that of the allocated heap chunk. Desbordamiento de búfer basado en pila en QuickTime en Apple Mac OS X anteriores a v10.6.3 permite a atacantes remotos ejecutar código arbitrario o una denegación de servicio (caída de aplicación) a través de un fichero manipulado de película con codificación RLE. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of samples from a malformed .mov file utilizing the RLE codec. While decoding RLE data, the application will fail to validate the size when decompressing the data into a heap chunk. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html http://support.apple.com/kb/HT4077 http://www.securityfocus.com/archive/1/510513/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-040 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7062 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 6EXPL: 0CVE-2010-0518
https://notcve.org/view.php?id=CVE-2010-0518
QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with Sorenson encoding. QuickTime en Apple Mac OS X anteriores a v10.6.3 permite a atacantes remotos ejecutar código arbitrario o una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un fichero de película con condificación Sorenson. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html http://support.apple.com/kb/HT4077 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7077 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 52%CPEs: 6EXPL: 1CVE-2010-0519 – Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0519
Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a FlashPix image with a malformed SubImage Header Stream containing a NumberOfTiles field with a large value. Desbordamiento de enteros en QuickTime en Apple Mac OS X anterior v10.6.3 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de programa) a través de un archivo de pelicula manipulado con codificación FlashPix. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of a malformed SubImage Header Stream from a malicious FlashPix image. The application takes the NumberOfTiles field from this data structure, multiplies it by 16, and then uses it in an allocation. • https://www.exploit-db.com/exploits/14869 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html http://support.apple.com/kb/HT4077 http://www.securityfocus.com/archive/1/510519/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-043 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7498 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2010-0512
https://notcve.org/view.php?id=CVE-2010-0512
The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering login credentials. La implementación de Preferencias de las Cuentas -Accounts Preferences- en Apple Mac OS X v10.6 anterior a v10.6.3 cuando se está usando un servidor de cuenta de red, no soporta el control de acceso de Login Window que se basa únicamente en pertenencia a grupos. Esto permite a atacantes evitar las restricciones de acceso pretendidas introduciendo credenciales de registro. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://support.apple.com/kb/HT4077 http://www.securityfocus.com/bid/39153 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 11%CPEs: 6EXPL: 1CVE-2010-0520 – Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0520
Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression. Desbordamiento de búfer basado en memoria dinámica (heap) en QuickTime en Apple Mac OS X anterior a 10.6.3, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de aplicación) a través de un archivo "movie" manipulado codificado con FLC. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within QuickTimeAuthoring.qtx during the parsing of DELTA_FLI chunks stored within a malformed .fli file. The applications trusts a user-supplied length for decompression which can be modified to copy more data than necessary leading to a buffer overflow. • https://www.exploit-db.com/exploits/15035 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html http://support.apple.com/kb/HT4077 http://www.securityfocus.com/archive/1/510520/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6801 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •