Информационная безопасность
[RU] switch to English


Многочисленные уязвимости в Apple QuickTime
Опубликовано:11 сентября 2009 г.
Источник:
SecurityVulns ID:10232
Тип:клиент
Уровень опасности:
8/10
Описание:Переполнения буфера при разборе данных MPEG-4, H.264 и FlashPix.
Затронутые продукты:QUICKTIME : QuickTime 7.6
CVE:CVE-2009-2799 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file.)
 CVE-2009-2798 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.)
 CVE-2009-2203 (Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file.)
 CVE-2009-2202 (Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file.)
Оригинальный текстdocumentAPPLE, About the security content of QuickTime 7.6.4 (11.09.2009)
 documentZDI, ZDI-09-064: Apple QuickTime FlashPix Sector Size Overflow Vulnerability (11.09.2009)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород