Lucene search
AnonymousZDI-08-060HistorySep 09, 2008 - 12:00 a.m.
Apple QuickTime AVC1 Atom Parsing Heap Overflow Vulnerability
2008-09-0900:00:00
Anonymous
www.zerodayinitiative.com
33
EPSS
0.068
Percentile
94.0%
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of AVC1 atoms. An integer overflow condition is present that can result in a heap chunk being under-allocated. This heap corruption can be further leveraged to execute arbitrary code under the context of the current user.
References
Related
securityvulns
securityvulns
prion
prion
Design/Logic Flaw
2008-09-11 01:13:00
zdi
zdi
Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnerability
2008-09-09 00:00:00
Apple QuickTime Player H.264 Parsing Heap Corruption Vulnerability
2008-09-09 00:00:00
cve
cve
CVE-2008-3627
2008-09-11 01:13:09
cvelist
cvelist
CVE-2008-3627
2008-09-10 16:00:00
nvd
nvd
CVE-2008-3627
2008-09-11 01:13:09
nessus
nessus
QuickTime < 7.5.5 Multiple Vulnerabilities (Mac OS X)
2008-09-10 00:00:00
QuickTime < 7.5.5 Multiple Vulnerabilities
2008-09-10 00:00:00
QuickTime < 7.5.5 Multiple Vulnerabilities (Windows)
2008-09-10 00:00:00
seebug
seebug
Apple QuickTime Movie/PICT/QTVR多个远程漏洞
2008-09-11 00:00:00
openvas
openvas
Apple QuickTime Movie/PICT/QTVR Multiple Remote Vulnerabilities
2008-09-25 00:00:00
Apple QuickTime Movie/PICT/QTVR Multiple Remote Vulnerabilities (HT3027)
2008-09-25 00:00:00