Showing 1 - 3 of 3

CVE-2011-0247

Status Candidate

Overview

Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.

Related Files

Zero Day Initiative Advisory 11-257: Posted Aug 16, 2011; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 11-257 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a frame within an H.264 encoded movie. When processing a particular set of flags of a structure, the application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. Due to the application failing to check the bounds of this length, the application will write outside the bounds of the buffer which can lead to code execution under the context of the application.; tags | advisory, remote, arbitrary, code execution; systems | apple; advisories | CVE-2011-0247; SHA-256 | cdb1fff5d1189aa470f9941b86f7f44595f91c34c0571417c67f93bf2b3f6afb; Download | Favorite | View

Zero Day Initiative Advisory 11-255: Posted Aug 16, 2011; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 11-255 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a frame within an H.264 encoded movie. When processing a particular set of flags of a structure, the application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. Due to the application failing to check the bounds of this length, the application will write outside the bounds of the buffer which can lead to code execution under the context of the application.; tags | advisory, remote, arbitrary, code execution; systems | apple; advisories | CVE-2011-0247; SHA-256 | eb22a6085f298a0e2ddb2331f396d5648396388c8b27503cb5dcb3901124e6fa; Download | Favorite | View

Apple Security Advisory 2011-08-03-1: Posted Aug 4, 2011; Authored by Apple | Site apple.com; Apple Security Advisory 2011-08-03-1 - QuickTime version 7.7 has been made available to address multiple code execution, cross-origin, integer overflow, memory corruption, and other vulnerabilities.; tags | advisory, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2011-0186, CVE-2011-0187, CVE-2011-0209, CVE-2011-0210, CVE-2011-0211, CVE-2011-0213, CVE-2011-0245, CVE-2011-0246, CVE-2011-0247, CVE-2011-0248, CVE-2011-0249, CVE-2011-0250, CVE-2011-0251, CVE-2011-0252; SHA-256 | 08c8a33c814803db93ff4136d87bacc64dfe68c5d11475ce6a6bccf0835835c9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 85 files
indoushka 77 files
Jasper Nota 25 files
Gentoo 22 files
Debian 19 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,096)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,553)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,689)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,482)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,736)
UNIX (9,435)
UnixWare (187)
Windows (6,671)
Other

CVE-2011-0247

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems