PDA

Visualizza versione completa : Apple QuickTime Integer Overflow and Denial of Service Vulnerabilities


Giorgius
04-11-2005, 11.34.40
Multiple vulnerabilities were identified in Apple QuickTime, which could be exploited by remote attackers to execute arbitrary commands or cause a denial of service.

The first issue is due to an integer overflow error when handling a specially crafted sign extension of an embedded "Pascal" style string, which could be exploited by remote attackers to execute arbitrary commands via a malicious media file.

The second vulnerability is due to an integer overflow when processing malformed movie attributes, which could be exploited by remote attackers to compromise a vulnerable system via a malicious video file.

The third flaw is due to a NULL pointer dereference when a missing movie attribute is interpreted as an extension, which could be exploited by attackers to cause a denial of service.

The fourth issue is due to a memory corruption error in PictureViewer when handling compressed PICT data, which could be exploited by remote attackers to execute arbitrary code via a malformed PICT picture file...

Leggi: http://www.frsirt.com/english/advisories/2005/2293