Lucene search
AnonymousZDI-09-008HistoryJan 21, 2009 - 12:00 a.m.
Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability
2009-01-2100:00:00
Anonymous
www.zerodayinitiative.com
15
EPSS
0.886
Percentile
98.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the handling of JPEG atoms embedded in STSD atoms within the function JPEG_DComponentDispatch(). When the image width data in this atom is modified, a heap corruption occurs which can be further leveraged to execute arbitrary code under the context of the current user.
References
Related
prion
prion
Heap overflow
2009-01-21 20:30:00
cvelist
cvelist
CVE-2009-0007
2009-01-21 20:00:00
cve
cve
CVE-2009-0007
2009-01-21 20:30:00
checkpoint_advisories
checkpoint_advisories
Apple QuickTime STSD JPEG Atom Heap Corruption - Ver2 (CVE-2009-0007)
2014-03-31 00:00:00
Apple QuickTime STSD JPEG Atom Heap Corruption - Ver2 (CVE-2009-0007)
2014-03-31 00:00:00
securityvulns
securityvulns
ZDI-09-008: Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability
2009-01-22 00:00:00
Apple QuickTime multiple security vulnerabilities
2009-01-23 00:00:00
nvd
nvd
CVE-2009-0007
2009-01-21 20:30:00
nessus
nessus
QuickTime < 7.6 Multiple Vulnerabilities (Mac OS X)
2009-01-22 00:00:00
QuickTime < 7.6 Multiple Vulnerabilities
2009-01-22 00:00:00
QuickTime < 7.6 Multiple Vulnerabilities (Windows)
2009-01-22 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities - Jan09 (Windows)
2009-01-23 00:00:00
Apple QuickTime Multiple Vulnerabilities (Jan 2009) - Windows
2009-01-23 00:00:00