Lucene search
AnonymousZDI-08-061HistorySep 09, 2008 - 12:00 a.m.
Apple QuickTime Player H.264 Parsing Heap Corruption Vulnerability
2008-09-0900:00:00
Anonymous
www.zerodayinitiative.com
15
EPSS
0.068
Percentile
94.0%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of MP4 video files in QuickTimeH264.qtx. A maliciously crafted MDAT atom can cause a heap corruption resulting in the execution of arbitrary code.
References
Related
securityvulns
securityvulns
prion
prion
Design/Logic Flaw
2008-09-11 01:13:00
zdi
zdi
Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnerability
2008-09-09 00:00:00
Apple QuickTime AVC1 Atom Parsing Heap Overflow Vulnerability
2008-09-09 00:00:00
cve
cve
CVE-2008-3627
2008-09-11 01:13:09
cvelist
cvelist
CVE-2008-3627
2008-09-10 16:00:00
nvd
nvd
CVE-2008-3627
2008-09-11 01:13:09
nessus
nessus
QuickTime < 7.5.5 Multiple Vulnerabilities
2008-09-10 00:00:00
QuickTime < 7.5.5 Multiple Vulnerabilities (Mac OS X)
2008-09-10 00:00:00
QuickTime < 7.5.5 Multiple Vulnerabilities (Windows)
2008-09-10 00:00:00
seebug
seebug
Apple QuickTime Movie/PICT/QTVR多个远程漏洞
2008-09-11 00:00:00
openvas
openvas
Apple QuickTime Movie/PICT/QTVR Multiple Remote Vulnerabilities
2008-09-25 00:00:00
Apple QuickTime Movie/PICT/QTVR Multiple Remote Vulnerabilities (HT3027)
2008-09-25 00:00:00