Technical Cyber Security Alert TA06-011A - Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service.
0c0b8f8abdfddc63d81776abdf6b6b68c7a274f47f34ee7f05bdec6bf949f506eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in QuickTime Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code in the context of the user who executed the player or application hosting the QuickTime plug-in. This specific flaw exists within the QuickTime.qts file which many applications access QuickTime's functionality through. By specially crafting atoms within a movie file, a direct heap overwrite is triggered, and reliable code execution is then possible.
18acba653b6ffeaa75541090e022e221bd6522834bc69e991dccdbe23eff3ff3eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in QuickTime Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code in the context of the user who executed the player or application hosting the QuickTime plug-in. This specific flaw exists within the QuickTime.qts file which many applications access QuickTime's functionality through. By specially crafting atoms within a movie file, a direct heap overwrite is triggered, and reliable code execution is then possible.
de6c4384d0c4457c6aa83c3b2b67e9967d072d34865aa140328debd4221776b4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed