Apple Quicktime

VUPEN Security Research - Apple Quicktime PICT Processing Integer Overflow Vulnerability

VUPEN Security Research - Apple Quicktime PICT Processing Integer Overflow 
Vulnerability

http://www.vupen.com/english/research.php


I. BACKGROUND
---------------------

"Apple QuickTime is software that allows Mac and Windows users to play

VUPEN Security Research - Apple Quicktime PICT Handling Heap Overflow Vulnerability

VUPEN Security Research - Apple Quicktime PICT Handling Heap Overflow 
Vulnerability

http://www.vupen.com/english/research.php


I. BACKGROUND
---------------------

"Apple QuickTime is software that allows Mac and Windows users to play

VUPEN Security Research - Apple Quicktime FLC Encoded Movie Heap Overflow Vulnerability

VUPEN Security Research - Apple Quicktime FLC Encoded Movie Heap Overflow
Vulnerability

http://www.vupen.com/english/research.php


I. BACKGROUND
---------------------

"Apple QuickTime is software that allows Mac and Windows users to play

[SE-2012-01] Security weakness in Apple Quicktime Java extensions

Hello,

Security Explorations discovered a security vulnerability in Apple
Quicktime [1] software and its Java extensions in particular.

When combined with the Issue 15 reported to Oracle on Apr 2 2012 [2],
this new issue might be used to successfully bypass all JVM security
restrictions on a vulnerable system.


iDefense Security Advisory 11.05.07: Apple QuickTime Panorama Sample Atom Heap Buffer Overflow Vulnerability

http://labs.idefense.com/intelligence/vulnerabilities/
Nov 05, 2007

I. BACKGROUND

QuickTime is Apple's media player product used to render video and other
media. For more information visit http://www.apple.com/quicktime/

QuickTime VR (virtual reality) is a type of image file format supported
by Apple's QuickTime. It allows the creation and viewing of
photographically captured panoramas and the exploration of objects

Apple Quicktime Memory Corruption - CVE-2010-3801

Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/

Apple Quicktime Memory Corruption when parsing FPX files
CVE-2010-3801


INTRODUCTION


ZDI-12-135 : Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ZDI-12-135 : Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-135
August  3, 2012

- -- CVE ID:
CVE-2012-0661

ZDI-12-078 : Apple QuickTime SVQ3 Codec mb_skip_run Parsing Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ZDI-12-078 : Apple QuickTime SVQ3 Codec mb_skip_run Parsing Remote Code
Execution
http://www.zerodayinitiative.com/advisories/ZDI-12-078
June  6, 2012

- -- CVE ID:
CVE-2012-0669

ZDI-11-254: Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability

ZDI-11-254: Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-254

August 16, 2011

-- CVE ID:
CVE-2011-0256

-- CVSS:

ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability

ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-035
April 2, 2010

-- CVE ID:
CVE-2010-0526

-- Affected Vendors:
Apple


ZDI-11-313 : Apple QuickTime FLC RLE Packet Count Decompression Remote Code Execution Vulnerability

ZDI-11-313 : Apple QuickTime FLC RLE Packet Count Decompression Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-313
October 27, 2011

-- CVE ID:
CVE-2011-3223

-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C

[SE-2012-01] Security weakness in Apple QuickTime Java extensions (details released)

Hello All,

Security Explorations decided to release technical details and accompanying
Proof of Concept code for a security vulnerability in Apple QuickTime 
software.
This move is made in response to Apple's evaluation of a reported issue as
a "hardening issue" rather than a security bug [1].

Security Explorations does not agree with the results of Apple's evaluation.

ZDI-11-303 : Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability

ZDI-11-303 : Apple QuickTime H264 Stream frame_cropping Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-303
October 26, 2011

-- CVE ID:
CVE-2011-3219

-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P

ZDI-11-316 : Apple QuickTime H264 Matrix Conversion Remote Code Execution Vulnerability

ZDI-11-316 : Apple QuickTime H264 Matrix Conversion Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-316
October 27, 2011

-- CVE ID:
CVE-2011-3251

-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P

ZDI-09-027: Apple Quicktime PICT Opcode 0x8201 Heap Overflow Vulnerability

ZDI-09-027: Apple Quicktime PICT Opcode 0x8201 Heap Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-027
June 2, 2009

-- CVE ID:
CVE-2009-0953

-- Affected Vendors:
Apple


ZDI-11-315 : Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability

ZDI-11-315 : Apple QuickTime FLC Delta Decompression Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-315
October 27, 2011

-- CVE ID:
CVE-2011-3249

-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C

Secunia Research: Apple QuickTime PICT Image Parsing Buffer Overflow

====================================================================== 

                     Secunia Research 10/06/2008

       - Apple QuickTime PICT Image Parsing Buffer Overflow -

====================================================================== 
Table of Contents

Affected Software....................................................1

ZDI-11-259: Apple QuickTime STSZ atom Parsing Remote Code Execution Vulnerability

ZDI-11-259: Apple QuickTime STSZ atom Parsing Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-259

August 16, 2011

-- CVE ID:
CVE-2011-0251 

-- CVSS:

ZDI-09-030: Apple Quicktime PICT Opcode 0x71 Heap Overflow Vulnerability

ZDI-09-030: Apple Quicktime PICT Opcode 0x71 Heap Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-030
June 2, 2009

-- CVE ID:
CVE-2009-0010

-- Affected Vendors:
Apple


[TZO-36-2009] Apple Safari & Quicktime Denial of Service

________________________________________________________________________

               Apple Safari & Quicktime Denial of Service
________________________________________________________________________

Shameless plug :
------------------------------------------------------------------------
You are invited to join the 2009 edition of HACK.LU, a small but 
concentrated Luxembourgish security conference. 
More information : http://www.hack.lu - CFP is open, sponsorship is still 

ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability

ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-250

August 9, 2011

-- CVE ID:
CVE-2011-0252 

-- CVSS:

Secunia Research: Apple QuickTime MS ADPCM Encoding Buffer Overflow

====================================================================== 

                     Secunia Research 02/06/2009

       - Apple QuickTime MS ADPCM Encoding Buffer Overflow -

====================================================================== 
Table of Contents

Affected Software....................................................1

ZDI-12-079 : Apple QuickTime H264 Picture Width Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ZDI-12-079 : Apple QuickTime H264 Picture Width Parsing Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-079
June  6, 2012

- -- CVE ID:
CVE-2012-0665

ZDI-11-258: Apple QuickTime STSC atom Parsing Remote Code Execution Vulnerability

ZDI-11-258: Apple QuickTime STSC atom Parsing Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-258

August 16, 2011

-- CVE ID:
CVE-2011-0249 

-- CVSS:

ZDI-11-256: Apple QuickTime Media Link src Parameter Remote Code Execution Vulnerability

ZDI-11-256: Apple QuickTime Media Link src Parameter Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-256

August 16, 2011

-- CVE ID:
CVE-2011-0248

-- CVSS:

ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability

ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-068
April 9, 2010

-- CVE ID:
CVE-2010-0062

-- Affected Vendors:
Apple


ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability

ZDI-08-016: Apple QuickTime MP4A Atom Parsing Heap Corruption 
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-016
April 3, 2008

-- CVE ID:
CVE-2008-1018

-- Affected Vendors:
Apple

ZDI-11-230: Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability

ZDI-11-230: Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-230

June 29, 2011

-- CVE ID:
CVE-2011-0211

-- CVSS:

Copyright © 1995-2013 LinuxRocket.net. All rights reserved.