Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31311
HistoryOct 27, 2014 - 12:00 a.m.

APPLE-SA-2014-10-22-1 QuickTime 7.7.6

2014-10-2700:00:00
vulners.com
18
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-10-22-1 QuickTime 7.7.6

QuickTime 7.7.6 is now available and addresses the following:

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
RLE encoded movie files. This issue was addressed through improved
bounds checking.
CVE-ID
CVE-2014-1391 : Fernando Munoz working with iDefense VCP, Tom
Gallagher & Paul Bates working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
the 'mvhd' atoms. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2014-4979 : Andrea Micalizzi aka rgod working with HP's Zero Day
Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted MIDI file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of MIDI
files. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-4350 : s3tm3m working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted m4a file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of audio
samples. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-4351 : Karl Smith of NCC Group

QuickTime 7.7.6 may be obtained from the QuickTime Downloads site:
http://www.apple.com/quicktime/download/

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJUSBRSAAoJEBcWfLTuOo7tgDoQAIBUrnAQpbBQoanvqNDw5R2j
Ntl+aKzuZaVloKn78HN0T5ihcx3K0FxtjCN//KGwJpKBCG8MGnF/CisEnstkLM3t
jn6oZ0kmowAOt0CEM6s391uWTNnV+Na3dN7WBNu7943+qkTbUiSeojTEE9DHpxCN
tE/hmyBR3dEpAKza8rQzGYYZTBJ9wFhcL91M9hmo0ZXrfgdRE8xFQBnEHtUPqv1N
QBgVm6GVKxFhgNcUZnk/+JNWpPxlWGDyb+N7mB7H8FIPUJRbxMsJaAro9JjyjM2h
Za5gNgVTdNNeM0iVItbt8a6JLo+F1CFD6dJJvFZUSoGYhCevfIrRHNmZBKynLFNw
lciM0iUXgoEwTsgfwOQf9gr8QSzMdTrODXgX6PQptKL2xSxHQ15Vumz9Z+LdZb2B
osh/+iGndw+xQCojR3+IomTZlxlHEaGxm45PkRtYwrAsmXXNnsOIC5Eqrk5sFpPH
gDioMLytASE2Y+ASBTHT0kNOVs2BY/2uLlToE+/tf908oLOjDpmHmbzk9PZHrJsX
hGaqFdrpGmZsm1QcO05/ykoPiqka1C9cgJHYKdXddeTCZEss4oFB0ER/fQ7cz6Bc
iOV80BMWMFArsZMPmiwltCYfiw82HxeTgc7UvRHGFlXmpE4q1lHrU1dt+NkOnmv9
t/srMKTMnrGAAGLz0jqq
=PiXJ
-----END PGP SIGNATURE-----

Related

openvas 2
nessus 4
securityvulns 5
cve 4
zdi 3
prion 4
kaspersky 1
openvas
openvas
Apple QuickTime Multiple Vulnerabilities-HT203092 (Windows)
2017-12-14 00:00:00
Apple Mac OS X Multiple Vulnerabilities-05 October-15
2015-10-29 00:00:00
nessus
nessus
QuickTime < 7.7.6 Multiple Vulnerabilities (Windows)
2014-10-24 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2014-004)
2014-09-18 00:00:00
Mac OS X 10.9.x < 10.9.5 Multiple Vulnerabilities
2014-09-18 00:00:00
securityvulns
securityvulns
Apple Quicktime multiple security vulnerabilities
2014-10-27 00:00:00
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004
2014-09-21 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2014-09-21 00:00:00
cve
cve
CVE-2014-4979
2014-07-26 11:11:00
CVE-2014-4350
2014-09-19 10:55:00
CVE-2014-1391
2014-09-19 10:55:00
zdi
zdi
(0Day) Apple QuickTime 'mvhd' Atom Heap Memory Corruption Remote Code Execution Vulnerability
2014-07-23 00:00:00
Apple QuickTime mdat Atom Heap Buffer Overflow Remote Code Execution Vulnerability
2014-09-22 00:00:00
Apple QuickTime MIDI Heap Buffer Overflow Remote Code Execution Vulnerability
2014-09-22 00:00:00
prion
prion
Memory corruption
2014-07-26 11:11:00
Memory corruption
2014-09-19 10:55:00
Buffer overflow
2014-09-19 10:55:00
kaspersky
kaspersky
KLA10442 DoS vulnerability in QuickTime
2014-07-26 00:00:00
JSON
Related for SECURITYVULNS:DOC:31311
openvas2nessus4securityvulns5cve4zdi3prion4kaspersky1