Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Apple QuickTime / iTunes
дополнено с 5 апреля 2010 г.
Опубликовано:12 апреля 2010 г.
Источник:
SecurityVulns ID:10740
Тип:библиотека
Уровень опасности:
8/10
Описание:Многочисленные уязвимости при разборе PICT, FLC и многочисленных графических и видео форматов.
Затронутые продукты:QUICKTIME : QuickTime 7.6
 APPLE : iTunes 9.0
CVE:CVE-2010-0529 (Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation.)
 CVE-2010-0528 (Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length value.)
 CVE-2010-0527 (Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.)
 CVE-2010-0526 (Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted genl atom in a QuickTime movie file with MPEG encoding, which is not properly handled during decompression.)
 CVE-2010-0526 (Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted genl atom in a QuickTime movie file with MPEG encoding, which is not properly handled during decompression.)
 CVE-2010-0520 (Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression.)
 CVE-2010-0520 (Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression.)
 CVE-2010-0519 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a FlashPix image with a malformed SubImage Header Stream containing a NumberOfTiles field with a large value.)
 CVE-2010-0517 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with M-JPEG encoding, which causes QuickTime to calculate a buffer size using height and width fields, but to use a different field to control the length of a copy operation.)
 CVE-2010-0516 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding, which triggers memory corruption when the length of decompressed data exceeds that of the allocated heap chunk.)
 CVE-2010-0062 (Heap-based buffer overflow in quicktime.qts in CoreMedia and QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed .3g2 movie file with H.263 encoding that triggers an incorrect buffer length calculation.)
 CVE-2010-0060 (CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted audio content with QDMC encoding.)
 CVE-2010-0059 (CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted audio content with QDM2 encoding, which triggers a buffer overflow due to inconsistent length fields, related to QDCA.)
 CVE-2010-0040 (Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.)
 CVE-2009-2837 (Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.)
Оригинальный текстdocumentZDI, ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability (12.04.2010)
 documentZDI, ZDI-10-067: Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability (07.04.2010)
 documentZDI, ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability (05.04.2010)
 documentZDI, ZDI-10-044: Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability (05.04.2010)
 documentZDI, ZDI-10-043: Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability (05.04.2010)
 documentZDI, ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability (05.04.2010)
 documentZDI, ZDI-10-041: Apple QuickTime QDM2/QDCA Atom Remote Code Execution Vulnerability (05.04.2010)
 documentZDI, ZDI-10-040: Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability (05.04.2010)
 documentZDI, ZDI-10-038: Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability (05.04.2010)
 documentZDI, ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability (05.04.2010)
 documentZDI, ZDI-10-036: Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability (05.04.2010)
 documentZDI, ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability (05.04.2010)
 documentVUPEN Security Research, VUPEN Security Research - Apple iTunes ColorSync Profile Integer Overflow Vulnerability (05.04.2010)
 documentVUPEN Security Research, VUPEN Security Research - Apple Quicktime PICT Processing Integer Overflow Vulnerability (05.04.2010)
 documentVUPEN Security Research, VUPEN Security Research - Apple Quicktime FLC Encoded Movie Heap Overflow Vulnerability (05.04.2010)
 documentVUPEN Security Research, VUPEN Security Research - Apple Quicktime PICT Handling Heap Overflow Vulnerability (05.04.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород