Lucene search
AnonymousZDI-07-010HistoryMar 07, 2007 - 12:00 a.m.
Apple Quicktime UDTA Parsing Heap Overflow Vulnerability
2007-03-0700:00:00
Anonymous
www.zerodayinitiative.com
17
EPSS
0.923
Percentile
99.0%
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of forged size fields in user-defined data atoms (UDTA). By setting this field to an overly large value, an integer overflow occurs resulting in an exploitable heap overflow. Successful exploitation results in code execution under the context of the running user.
Related
checkpoint_advisories
checkpoint_advisories
Apple QuickTime udta Atom Parsing Heap Overflow (CVE-2007-0714)
2009-09-30 00:00:00
securityvulns
securityvulns
ZDI-07-010: Apple Quicktime UDTA Parsing Heap Overflow Vulnerability
2007-03-09 00:00:00
[Full-disclosure] Apple QuickTime udta ATOM Integer Overflow
2007-03-06 00:00:00
Apple QuickTime multiple security vulnerabilities
2007-03-09 00:00:00
cert
cert
Apple QuickTime UDTA atom integer overflow
2007-03-06 00:00:00
nvd
nvd
CVE-2007-0714
2007-03-05 22:19:00
cvelist
cvelist
CVE-2007-0714
2007-03-05 22:00:00
prion
prion
Integer overflow
2007-03-05 22:19:00
cve
cve
CVE-2007-0714
2007-03-05 22:19:00
nessus
nessus
Quicktime < 7.1.5 Multiple Vulnerabilities (Mac OS X)
2007-03-06 00:00:00
QuickTime < 7.1.5 Multiple Vulnerabilities (Windows)
2007-03-06 00:00:00
seebug
seebug
Apple QuickTime多个远程缓冲区溢出漏洞
2007-03-09 00:00:00