Computer Security
[EN] securityvulns.ru no-pyccku


Apple Quicktime multiple security vulnerabilities
Published:27.10.2014
Source:
SecurityVulns ID:14057
Type:client
Threat Level:
6/10
Description:Memory corruptions on video decoding, MIDI and m4a.
Affected:APPLE : QuickTime 7.7
CVE:CVE-2014-4979 (Apple QuickTime allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed version number and flags in an mvhd atom.)
 CVE-2014-4351 (Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file.)
 CVE-2014-4350 (Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file.)
 CVE-2014-1391 (QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.)
Original documentdocumentAPPLE, APPLE-SA-2014-10-22-1 QuickTime 7.7.6 (27.10.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod