Computer Security
[EN] securityvulns.ru no-pyccku


Apple QuickTime multiple security vulnerabilities
updated since 22.01.2009
Published:23.01.2009
Source:
SecurityVulns ID:9612
Type:client
Threat Level:
7/10
Description:Memory corruptions on Cinepak, VR Track, STSD, AVI parsing.
CVE:CVE-2009-2006 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) search_term parameter to main/auth/courses.php; the (2) frm_title and (3) frm_content parameters in a new personal agenda item action; the (4) title and (5) tutor_name parameters in a new course action; and the (6) student and (7) course parameters to main/mySpace/myStudents.php. NOTE: vectors 2 and 3 might only be exploitable via a separate CSRF vulnerability.)
 CVE-2009-0007 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QuickTime movie file containing invalid image width data in JPEG atoms within STSD atoms.)
 CVE-2009-0003 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure.)
 CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms.)
Original documentdocumentCERT, US-CERT Technical Cyber Security Alert TA09-022A -- Apple QuickTime Updates for Multiple Vulnerabilities (23.01.2009)
 documentZDI, ZDI-09-006: Apple QuickTime AVI Header nBlockAlign Heap Corruption Vulnerability (22.01.2009)
 documentZDI, ZDI-09-008: Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability (22.01.2009)
 documentZDI, ZDI-09-005: Apple QuickTime VR Track Header Atom Heap Corruption Vulnerability (22.01.2009)
 documentZDI, ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability (22.01.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod