Lucene search
Luigi Auriemmapa_kt / twitter.com/pa_kt / e1c14ba6ZDI-12-130HistoryAug 03, 2012 - 12:00 a.m.
Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability
2012-08-0300:00:00
Luigi Auriemmapa_kt / twitter.com/pa_kt / e1c14ba6
www.zerodayinitiative.com
24
EPSS
0.016
Percentile
87.4%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a header containing codec-specific data. When handling an error case, the application will forget to initialize a pointer which will later be used in a memory operation. This can lead to code execution under the context of the application.
References
Related
prion
prion
Memory corruption
2012-02-02 18:55:00
cvelist
cvelist
CVE-2011-3458
2012-02-02 18:00:00
nvd
nvd
CVE-2011-3458
2012-02-02 18:55:01
seebug
seebug
Apple Mac OS X θΏη¨δ»£η ζ§θ‘ζΌζ΄(CVE-2011-3458)
2012-02-06 00:00:00
Apple Mac OS XθΏη¨δ»£η ζ§θ‘ζΌζ΄(CVE-2011-3458)
2012-05-17 00:00:00
securityvulns
securityvulns
ZDI-12-130 : Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability
2012-08-13 00:00:00
APPLE-SA-2012-05-15-1 QuickTime 7.7.2
2012-05-21 00:00:00
Apple QuickTime multiple security vulnerabilities
2012-08-27 00:00:00
cve
cve
CVE-2011-3458
2012-02-02 18:55:01
nessus
nessus
QuickTime < 7.7.2 Multiple Vulnerabilities
2012-05-18 00:00:00
QuickTime < 7.7.2 Multiple Vulnerabilities
2012-05-18 00:00:00
QuickTime < 7.7.2 Multiple Vulnerabilities (Windows)
2012-05-16 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities - (Windows)
2012-05-18 00:00:00
Apple QuickTime Multiple Vulnerabilities - Windows
2012-05-18 00:00:00
Mac OS X Multiple Vulnerabilities (2012-001)
2012-02-06 00:00:00