zdi | Matt "j00ru" Jurczyk, Anonymous, pa_kt / twitter.com/pa_kt / e1c14ba6 | ZDI-11-313
History: Oct 27, 2011 - 12:00 a.m.

Apple QuickTime FLC RLE Packet Count Decompression Remote Code Execution Vulnerability

www.zerodayinitiative.com

EPSS: 0.124 (percentile: 95.4%)

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime decodes FLIC files. FLIC files can contain an FLC Delta Decompression block containing Run Length Encoded data. When QuickTime tries to decompress this data, it reads a user-supplied RLE Packet count field from the file and uses it as a loop counter. A high value for this field will cause QuickTime to write outside previously allocated memory, which could result in remote code execution.
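The check this class of bug lacks, as an added example (not QuickTime's code and not part of the advisory): a decoder for one RLE delta line that treats the packet count as untrusted and validates every read and write against the buffer lengths. The line layout, the function name `decode_delta_line` and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed line layout (illustrative): u16le packet_count, then per packet
 * u8 column skip and s8 count. count > 0 copies `count` 16-bit words from
 * the stream; count < 0 repeats the next 16-bit word -count times.
 * Returns bytes consumed, or -1 when the file-supplied counts do not fit
 * in the input or in the dst_len-byte output row. */
long decode_delta_line(const uint8_t *src, size_t src_len,
                       uint8_t *dst, size_t dst_len)
{
    size_t in = 2, out = 0;
    if (src_len < 2) return -1;
    unsigned packets = src[0] | (src[1] << 8);    /* untrusted loop counter */
    for (unsigned p = 0; p < packets; p++) {
        if (src_len - in < 2) return -1;          /* packet header present? */
        size_t skip = src[in];
        int count = (int8_t)src[in + 1];
        in += 2;
        if (skip > dst_len - out) return -1;      /* skip stays inside row */
        out += skip;
        size_t words = (size_t)(count < 0 ? -count : count);
        size_t bytes = words * 2;
        if (bytes > dst_len - out) return -1;     /* write stays inside row */
        if (count >= 0) {
            if (bytes > src_len - in) return -1;  /* literal data present? */
            memcpy(dst + out, src + in, bytes);
            in += bytes;
        } else {
            if (src_len - in < 2) return -1;      /* fill word present? */
            for (size_t i = 0; i < words; i++)
                memcpy(dst + out + 2 * i, src + in, 2);
            in += 2;
        }
        out += bytes;
    }
    return (long)in;
}

int main(void) {
    /* Constructed sample: packet count 0xFFFF followed by a single packet. */
    const uint8_t evil[] = {0xFF, 0xFF, 0x00, 0xFE, 0xCC, 0xDD};
    uint8_t row[8] = {0};
    printf("result: %ld\n", decode_delta_line(evil, sizeof evil, row, sizeof row));
    return 0;
}
```

Because every iteration re-checks the remaining input and output, an oversized packet count ends in a decode error rather than a write past the row buffer.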
