what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-044
Posted Apr 3, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-044 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within QuickTimeAuthoring.qtx during the parsing of DELTA_FLI chunks stored within a malformed .fli file. The applications trusts a user-supplied length for decompression which can be modified to copy more data than necessary leading to a buffer overflow. Successful exploitation can lead to code execution under the context of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2010-0520
SHA-256 | 3d9a104affc70e6b751a7e18e2fd12bf8b648c45aa4296843e8db2df6f0d1be4
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close