Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:29425
HistoryMay 27, 2013 - 12:00 a.m.

APPLE-SA-2013-05-22-1 QuickTime 7.7.4

2013-05-2700:00:00
vulners.com
45
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-05-22-1 QuickTime 7.7.4

QuickTime 7.7.4 is now available and addresses the following:

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Opening a maliciously crafted TeXML file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
TeXML files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2013-1015 : [email protected] working with HP's Zero Day
Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of H.263
encoded movie files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2013-1016 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft)
working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of 'dref'
atoms. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2013-1017 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft)
working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of H.264
encoded movie files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2013-1018 : G. Geshev working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted MP3 file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of MP3 files.
This issue was addressed through improved bounds checking.
CVE-ID
CVE-2013-0989 : G. Geshev working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of Sorenson
encoded movie files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2013-1019 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft)
working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
JPEG encoded data. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2013-1020 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft)
working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted QTIF file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
QTIF files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2013-0987 : roob working with iDefense VCP

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Opening a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of JPEG
encoded data. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2013-1021 : Mil3s beep working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of 'enof'
atoms. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2013-0986 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft)
working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted FPX file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of FPX files.
This issue was addressed through improved bounds checking.
CVE-ID
CVE-2013-0988 : G. Geshev working with HP's Zero Day Initiative

QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer underflow existed in the handling of 'mvhd'
atoms. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2013-1022 : Andrea Micalizzi aka rgod working with HP's Zero Day
Initiative

QuickTime 7.7.4 may be obtained from the QuickTime Downloads site:
http://support.apple.com/downloads/

The download file is named: "QuickTimeInstaller.exe"
Its SHA-1 digest is: 50395ed3c9ac1f8104e0ad18c99a14c03755d060

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJRnRFuAAoJEPefwLHPlZEwxAUP/17v2uoUVcz8EqTDyfX5Hntm
uAORsTKZ14ZKIN16pNjWNyUMHJSdgOB7DJVbr8ZtaNg4zN2nrZ+tBbAi233uhbe0
1CGwkOkL4bi5JR3btZ7AxORETKMLgwATwahVJZLfRcZp9IMhiIZ5JIP/rmdgH2IL
52/dRRsWrg3Guk36EAqzznelTSeVLP2cQMw9d0ukvsz9jOIMpOJ7FXmv/7K0003c
2m6OtuScfy4Q+BIqql13kZ94cAILPUovIz2L900ry9AQVTbdwwggQ5Tgnf1lqUYy
xBnAVFsS/WWwEN4MyNbkdvsQEUc04vBgTN8dIfGUV4M/MLIRzY9TX+uamxoU/FRA
cfPSGlcQi21poOJ6a9bzVfPBkmPaz4P0M3VplSbAJAqYpALsMVH332mjd2m1o5pL
5VE8EUGcmHIa1jgdrsiWzYThzJIE+KCY6iW/PemC2DzcNz0uJUChPC/ao9UWPLII
05F0xVO4mGa+UClgX5o5OLvOFecX6redFjXuQk/QVzzDP95GIyAybLjQYeuFVpgD
1KGgF0CYjYuk19hZh+HcfZ9j7RIUOrVdCVFIH0+v+IZwRsAh+6NamvdRWTaI5fjg
PiQs1l+8IirII5xrikS6TanUewzdpIyK+pHBtz/OwneLKm79vSYdMLZDQU6deeoN
X0HHvIjtkT16kuhL1yMx
=lnE0
-----END PGP SIGNATURE-----

Related

nessus 7
openvas 3
kaspersky 1
securityvulns 7
cve 12
prion 12
zdi 10
seebug 2
packetstorm 1
checkpoint_advisories 5
saint 4
zdt 1
nessus
nessus
QuickTime < 7.7.4 Multiple Vulnerabilities (Windows)
2013-05-23 00:00:00
QuickTime < 7.7.4 Multiple Vulnerabilities (Windows) (deprecated)
2013-05-23 00:00:00
QuickTime < 7.7.4 Multiple Vulnerabilities (Windows)
2013-05-28 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities - June13 (Windows)
2013-06-07 00:00:00
Apple QuickTime Multiple Vulnerabilities - June13 (Windows)
2013-06-07 00:00:00
Apple Mac OS X Multiple Vulnerabilities - 02 Jan14
2014-01-20 00:00:00
kaspersky
kaspersky
KLA10017 Multiple vulnerabilities in Apple QuickTime
2013-05-22 00:00:00
securityvulns
securityvulns
Apple QuickTime multiple security vulnerabilities
2013-05-27 00:00:00
Apple Mac OS X multiple security vulnerabilities
2013-06-17 00:00:00
APPLE-SA-2013-06-04-1 OS X Mountain Lion v10.8.4 and Security Update 2013-002
2013-06-17 00:00:00
cve
cve
CVE-2013-0987
2013-05-24 16:43:00
CVE-2013-1021
2013-05-24 16:43:00
CVE-2013-1018
2013-05-24 16:43:00
prion
prion
Buffer overflow
2013-05-24 16:43:00
Buffer overflow
2013-05-24 16:43:00
Buffer overflow
2013-05-24 16:43:00
zdi
zdi
Apple QuickTime mvhd Atom Parsing Remote Code Execution Vulnerability
2013-06-11 00:00:00
Apple QuickTime 3GP Parsing Remote Code Execution Vunerability
2013-06-11 00:00:00
Apple QuickTime stsd Atom Parsing Remote Code Execution Vulnerability
2013-06-11 00:00:00
seebug
seebug
Apple QuickTime 'enof' atoms处理缓冲区溢出漏洞
2013-05-30 00:00:00
Apple QuickTime 畸形MOV文件处理缓冲区溢出漏洞(CVE-2013-1017)
2013-08-05 00:00:00
packetstorm
packetstorm
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
2013-07-18 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple Quicktime MJPEG Frame stsd Atom Heap Overflow - Ver2 (CVE-2013-1020)
2015-03-26 00:00:00
Apple QuickTime alis Volume Name Parsing Stack Buffer Overflow (CVE-2013-1017)
2013-09-22 00:00:00
Apple QuickTime enof Atom Parsing Heap Buffer Overflow (CVE-2013-0986)
2013-09-22 00:00:00
saint
saint
QuickTime Movie File dref Atom Handling Buffer Overflow
2013-08-01 00:00:00
QuickTime Movie File dref Atom Handling Buffer Overflow
2013-08-01 00:00:00
QuickTime Movie File dref Atom Handling Buffer Overflow
2013-08-01 00:00:00
zdt
zdt
Apple Quicktime 7 Invalid Atom Length Buffer Overflow Vulnerability
2013-07-19 00:00:00
JSON
Related for SECURITYVULNS:DOC:29425
nessus7openvas3kaspersky1securityvulns7cve12prion12zdi10seebug2packetstorm1checkpoint_advisories5saint4zdt1