Test ID: 1.3.6.1.4.1.25623.1.0.900074
Category: Denial of Service
Title: Apple QuickTime Multiple Vulnerabilities (Jan 2009) - Windows
Summary: Apple QuickTime is prone to multiple vulnerabilities.
Description:

Summary:
Apple QuickTime is prone to multiple vulnerabilities.

Vulnerability Insight:
- The application fails to properly handle RTSP URLs, THKD atoms in QTVR
(QuickTime Virtual Reality) movie files, and jpeg atoms in QT movie files.

- Overflow errors are triggered while processing an AVI movie file.

- The player fails to handle MPEG-2 video files with MP3 audio content and
H.263 encoded movie files.

- Signedness flaw in handling of Cinepak encoded movie files.

- Input validation flaw exists in the QT MPEG-2 Playback Component.

Vulnerability Impact:
Attackers can execute arbitrary code by sending maliciously crafted RTSP
URLs, and viewing a maliciously crafted QTVR file can lead to unexpected application termination.

Affected Software/OS:
Apple QuickTime before 7.60.92.0 on Windows (Any).

Solution:
Upgrade to Apple QuickTime version 7.60.92.0 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2009-0001
http://lists.apple.com/archives/security-announce/2009/Jan/msg00000.html
BugTraq ID: 33385
http://www.securityfocus.com/bid/33385
Cert/CC Advisory: TA09-022A
http://www.us-cert.gov/cas/techalerts/TA09-022A.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6135
http://secunia.com/advisories/33632
http://www.vupen.com/english/advisories/2009/0212
XForce ISS Database: quicktime-rtspurl-bo(48154)
https://exchange.xforce.ibmcloud.com/vulnerabilities/48154
Common Vulnerability Exposure (CVE) ID: CVE-2009-0002
BugTraq ID: 33384
http://www.securityfocus.com/bid/33384
Bugtraq: 20090121 ZDI-09-005: Apple QuickTime VR Track Header Atom Heap Corruption Vulnerability (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2009-01/0210.html
http://www.zerodayinitiative.com/advisories/ZDI-09-005/
http://osvdb.org/51525
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5646
Common Vulnerability Exposure (CVE) ID: CVE-2009-0003
BugTraq ID: 33387
http://www.securityfocus.com/bid/33387
http://www.zerodayinitiative.com/advisories/ZDI-09-006/
http://osvdb.org/51526
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6218
Common Vulnerability Exposure (CVE) ID: CVE-2009-0004
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6211
XForce ISS Database: quicktime-mpeg2-bo(48157)
https://exchange.xforce.ibmcloud.com/vulnerabilities/48157
Common Vulnerability Exposure (CVE) ID: CVE-2009-0005
BugTraq ID: 33386
http://www.securityfocus.com/bid/33386
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6187
XForce ISS Database: quicktime-h263-movie-code-execution(48158)
https://exchange.xforce.ibmcloud.com/vulnerabilities/48158
Common Vulnerability Exposure (CVE) ID: CVE-2009-0006
BugTraq ID: 33388
http://www.securityfocus.com/bid/33388
Bugtraq: 20090121 ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2009-01/0215.html
Bugtraq: 20090124 Re: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/500391/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-09-007/
http://osvdb.org/51529
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6153
Common Vulnerability Exposure (CVE) ID: CVE-2009-0007
BugTraq ID: 33390
http://www.securityfocus.com/bid/33390
http://www.zerodayinitiative.com/advisories/ZDI-09-008/
http://osvdb.org/51530
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6132
Common Vulnerability Exposure (CVE) ID: CVE-2009-0008
http://lists.apple.com/archives/security-announce//2009/Jan/msg00001.html
BugTraq ID: 33393
http://www.securityfocus.com/bid/33393
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5974
http://www.securitytracker.com/id?1021621
http://secunia.com/advisories/33642
http://www.vupen.com/english/advisories/2009/0211
XForce ISS Database: quicktime-mpeg2playback-code-execution(48162)
https://exchange.xforce.ibmcloud.com/vulnerabilities/48162
Copyright: Copyright (C) 2009 Greenbone AG
