Showing 1 - 3 of 3

CVE-2011-0247

Status Candidate

Overview

Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.

Related Files

Zero Day Initiative Advisory 11-257: Posted Aug 16, 2011; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 11-257 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a frame within an H.264 encoded movie. When processing a particular set of flags of a structure, the application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. Due to the application failing to check the bounds of this length, the application will write outside the bounds of the buffer which can lead to code execution under the context of the application.; tags | advisory, remote, arbitrary, code execution; systems | apple; advisories | CVE-2011-0247; SHA-256 | cdb1fff5d1189aa470f9941b86f7f44595f91c34c0571417c67f93bf2b3f6afb; Download | Favorite | View

Zero Day Initiative Advisory 11-255: Posted Aug 16, 2011; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 11-255 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a frame within an H.264 encoded movie. When processing a particular set of flags of a structure, the application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. Due to the application failing to check the bounds of this length, the application will write outside the bounds of the buffer which can lead to code execution under the context of the application.; tags | advisory, remote, arbitrary, code execution; systems | apple; advisories | CVE-2011-0247; SHA-256 | eb22a6085f298a0e2ddb2331f396d5648396388c8b27503cb5dcb3901124e6fa; Download | Favorite | View

Apple Security Advisory 2011-08-03-1: Posted Aug 4, 2011; Authored by Apple | Site apple.com; Apple Security Advisory 2011-08-03-1 - QuickTime version 7.7 has been made available to address multiple code execution, cross-origin, integer overflow, memory corruption, and other vulnerabilities.; tags | advisory, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2011-0186, CVE-2011-0187, CVE-2011-0209, CVE-2011-0210, CVE-2011-0211, CVE-2011-0213, CVE-2011-0245, CVE-2011-0246, CVE-2011-0247, CVE-2011-0248, CVE-2011-0249, CVE-2011-0250, CVE-2011-0251, CVE-2011-0252; SHA-256 | 08c8a33c814803db93ff4136d87bacc64dfe68c5d11475ce6a6bccf0835835c9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 237 files
indoushka 172 files
Jay Turla 150 files
Ubuntu 78 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

CVE-2011-0247

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems