Beschreibung
Multiple serious vulnerabilities have been found in Apple QuickTime. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities
- Improper byte-swapping can be exploited to execute arbitrary code or cause denial of service via a specially designed ttfo element in a movie file
- Lack of unspecified pointer initialization can be exploited to execute arbitrary code or cause denial of service via a specially designed tracklist in a movie file
- Integer signing can be exploited to execute arbitrary code or cause denial of service via a specially designed stsz atom in a movie file
- Vectors related to unknown applications can be exploited to execute arbitrary code or cause denial of service via specially designed idsc, clef, dref and ftab atoms, by a specially designed PSD image or movie file with H.264 encoding.
Ursprüngliche Informationshinweise
CVE Liste
- CVE-2014-1244 critical
- CVE-2014-1245 critical
- CVE-2014-1246 critical
- CVE-2014-1247 critical
- CVE-2014-1249 critical
- CVE-2014-1248 critical
- CVE-2013-1032 critical
- CVE-2014-1250 critical
- CVE-2014-1243 critical
- CVE-2014-1251 critical
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!