Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Apple QuickTime
дополнено с 5 августа 2011 г.
Опубликовано:5 сентября 2011 г.
Источник:
SecurityVulns ID:11834
Тип:удаленная
Уровень опасности:
7/10
Описание:Повреждения памяти при разборе PICT, JPEG2000, WAV, JPEG, GIF и различных видео-форматов, межсайтовый скриптинг.
Затронутые продукты:QUICKTIME : QuickTime 7.6
CVE:CVE-2011-0258 (Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image description associated with an mp4v tag in a movie file.)
 CVE-2011-0257 (Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.)
 CVE-2011-0256 (Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted track run atoms in a QuickTime movie file.)
 CVE-2011-0252 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STTS atoms in a QuickTime movie file.)
 CVE-2011-0251 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file.)
 CVE-2011-0250 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.)
 CVE-2011-0249 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSC atoms in a QuickTime movie file.)
 CVE-2011-0248 (Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTL file.)
 CVE-2011-0247 (Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.)
 CVE-2011-0246 (Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.)
 CVE-2011-0245 (Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file.)
 CVE-2011-0213 (Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file.)
 CVE-2011-0211 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.)
 CVE-2011-0210 (QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.)
 CVE-2011-0209 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.)
 CVE-2011-0187 (The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect.)
 CVE-2011-0186 (QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.)
Оригинальный текстdocumentZDI, ZDI-11-277: Apple QuickTime 3g2 'mp4v' atom size Remote Code Execution Vulnerability (05.09.2011)
 documentZDI, ZDI-11-259: Apple QuickTime STSZ atom Parsing Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-258: Apple QuickTime STSC atom Parsing Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-257: Apple QuickTime Player H.264 Slice Header Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-256: Apple QuickTime Media Link src Parameter Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-255: Apple QuickTime Player H.264 Reference Picture List Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-254: Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-252: Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability (10.08.2011)
 documentZDI, ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability (10.08.2011)
 documentAPPLE, APPLE-SA-2011-08-03-1 QuickTime 7.7 (05.08.2011)
Файлы:About the security content of QuickTime 7.7

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород