Описание
Multiple serious vulnerabilities have been found in Apple QuickTime. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities
- Improper byte-swapping can be exploited to execute arbitrary code or cause denial of service via a specially designed ttfo element in a movie file
- Lack of unspecified pointer initialization can be exploited to execute arbitrary code or cause denial of service via a specially designed tracklist in a movie file
- Integer signing can be exploited to execute arbitrary code or cause denial of service via a specially designed stsz atom in a movie file
- Vectors related to unknown applications can be exploited to execute arbitrary code or cause denial of service via specially designed idsc, clef, dref and ftab atoms, by a specially designed PSD image or movie file with H.264 encoding.
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2014-1244 critical
- CVE-2014-1245 critical
- CVE-2014-1246 critical
- CVE-2014-1247 critical
- CVE-2014-1249 critical
- CVE-2014-1248 critical
- CVE-2013-1032 high
- CVE-2014-1250 critical
- CVE-2014-1243 critical
- CVE-2014-1251 critical
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!