Computer Security

Apple QuickTime multiple security vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Apple QuickTime multiple security vulnerabilities
Published:11.09.2009
Source:APPLE
SecurityVulns ID:10232
Type:client
Level:8/10
Description:Buffer overflow on MPEG-4, H.264 and FlashPix data parsing.
Affected:QUICKTIME : QuickTime 7.6
CVE:CVE-2009-2799 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file.)
 CVE-2009-2798 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.)
 CVE-2009-2203 (Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file.)
 CVE-2009-2202 (Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file.)
Original documentdocumentAPPLE, About the security content of QuickTime 7.6.4 (11.09.2009)
 documentZDI, ZDI-09-064: Apple QuickTime FlashPix Sector Size Overflow Vulnerability (11.09.2009)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server