Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30334
HistoryFeb 28, 2014 - 12:00 a.m.

APPLE-SA-2014-02-25-3 QuickTime 7.7.5

2014-02-2800:00:00
vulners.com
37
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-02-25-3 QuickTime 7.7.5

QuickTime 7.7.5 is now available and addresses the following:

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: An uninitialized pointer issue existed in the handling
of track lists. This issue was addressed through improved error
checking.
CVE-ID
CVE-2014-1243 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft)
working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of H.264
encoded movie files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2014-1244 : Tom Gallagher & Paul Bates working with HP's Zero Day
Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: An out of bounds byte swapping issue existed in the
handling of QuickTime image descriptions. This issue was addressed
through improved bounds checking.
CVE-ID
CVE-2013-1032 : Jason Kratzer working with iDefense VCP

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A signedness issue existed in the handling of 'stsz'
atoms. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1245 : Tom Gallagher & Paul Bates working with HP's Zero Day
Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of 'ftab'
atoms. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1246 : An anonymous researcher working with HP's Zero Day
Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
'dref' atoms. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2014-1247 : Tom Gallagher & Paul Bates working with HP's Zero Day
Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of 'ldat'
atoms. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1248 : Jason Kratzer working with iDefense VCP

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted PSD image may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of PSD
images. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1249 : dragonltx of Tencent Security Team

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: An out of bounds byte swapping issue existed in the
handling of 'ttfo' elements. This issue was addressed through
improved bounds checking.
CVE-ID
CVE-2014-1250 : Jason Kratzer working with iDefense VCP

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of 'clef'
atoms. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1251 : Aliz Hammond working with HP's Zero Day Initiative

QuickTime 7.7.5 may be obtained from the QuickTime Downloads site:
http://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTDNezAAoJEPefwLHPlZEwA28P/24CQNEYClDxGO81zpafYO0R
zNWNZiyxkcMWYGuDXvcN5HLiLiDwOkJqUMMkOxzCtsTKw69xopzlebzyZ4CS4YiZ
J4xQzzGjD3dOtseQLTHp1CRNXUl/sIgR1ztS+qCkmh5/QJlSEQlg/as9KlJ0RM2Q
yzUfMjy92KZjmGRsEimFbI2xq9lMR1nwMC0pJvB4T670rK3SHEUs1lfpv2HNOAR7
54s7OL8TU+L/xAo2HfS6+2LScKIrye7vsOMH0KuB3BiQ16HBYRQdL+tWV3HAF/Cl
fk5EZQplKBcB3ljR6fvM3xv0xBtxo1AzYCuoJWu2Hr7kB/EsnBWKn/Tok6+6m0Fv
7KlV1x6o23omqtFgXuI+wUm6Vp5q0kvnZghVIcZ+gWMa5utakYazCJ2v+HX8C0Jf
exyk+l44APSEQ+n31HVEqcD8AfOj7HuRN/lP+N8KOPDMIMKEpvhvmB+x9+9b54y4
c5S/zX2q3KQUra5/zGSmgMHeMAoMkvz+4bVZnINTzVx/gcROWhzPjv+R/pD/ofLR
8rAQJvt9JOcrrfGnsk94ghimc6ZntpfMwkTLp82iRQcQuu5L5YR3lsAnZne1OExf
8e9FVCbmdvoWsACPsvWvAhf0qoAX3B70lSybPXL8rYG+curfL0NlJb9ib6bho0wC
kgqQGWbrFmVneRK/E72N
=Kg2H
-----END PGP SIGNATURE-----

Related

kaspersky 1
nessus 7
securityvulns 5
openvas 3
seebug 3
zdi 6
cve 10
prion 10
checkpoint_advisories 1
kaspersky
kaspersky
KLA10016 Multiple vulnerabilities in Apple QuickTime
2014-02-25 00:00:00
nessus
nessus
Quicktime (for Windows) < 7.7.5 Multiple Vulnerabilities (deprecated)
2014-02-26 00:00:00
QuickTime < 7.7.5 Multiple Vulnerabilities (Windows)
2014-02-26 00:00:00
Apple Quicktime 7.7.5 Multiple Vulnerabilities
2014-02-26 00:00:00
securityvulns
securityvulns
Apple QuickTime multiple security vulnerabilities
2014-02-28 00:00:00
Apple Mac OS X multiple security vulnerabilities
2014-02-28 00:00:00
APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001
2014-02-28 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities (Mar 2014) - Windows
2014-03-04 00:00:00
Apple Mac OS X Multiple Vulnerabilities -04 (Sep 2014)
2014-09-22 00:00:00
Apple Mac OS X Multiple Vulnerabilities-04 (Oct 2015)
2015-10-29 00:00:00
seebug
seebug
Apple Mac OS X多个安全漏洞(APPLE-SA-2014-02-25-1)
2014-02-26 00:00:00
Apple QuickTime远程缓冲区溢出漏洞
2014-02-28 00:00:00
Apple QuickTime远程内存破坏漏洞
2014-02-28 00:00:00
zdi
zdi
Apple QuickTime nam Atom Parsing Remote Code Execution Vulnerability
2014-04-03 00:00:00
Apple QuickTime clef Atom Heap Buffer Overflow Remote Code Execution Vulnerability
2014-04-03 00:00:00
Apple QuickTime stsz Atom Remote Code Execution Vulnerability
2014-04-03 00:00:00
cve
cve
CVE-2014-1243
2014-02-27 01:55:00
CVE-2013-1032
2013-09-16 13:02:00
CVE-2014-1244
2014-02-27 01:55:00
prion
prion
Memory corruption
2013-09-16 13:02:00
Buffer overflow
2014-02-27 01:55:00
Design/Logic Flaw
2014-02-27 01:55:00
checkpoint_advisories
checkpoint_advisories
Apple QuickTime ftab Atom Stack Buffer Overflow (CVE-2014-1246)
2014-05-04 00:00:00
JSON
Related for SECURITYVULNS:DOC:30334
kaspersky1nessus7securityvulns5openvas3seebug3zdi6cve10prion10checkpoint_advisories1