• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

RETIRED: Apple QuickTime Multiple Code Execution Vulnerabilities

Apple QuickTime is prone to multiple remote code-execution vulnerabilities.

These issues arise when the application handles specially crafted QTIF, TGA, TIFF, and GIF image formats.

Successful exploits of these issues may allow remote attackers to trigger a denial-of-service condition or to gain unauthorized access.

Versions prior to QuickTime 7.0.4 are vulnerable.

NOTE: This BID is being retired because the issues are now documented in the following individual records:

16852 Apple QuickTime QTIF Image Processing Remote Heap Overflow Vulnerability
16864 Apple QuickTime GIF Image Processing Remote Heap Overflow Vulnerability
16867 Apple QuickTime TIFF Image Processing Remote Integer Overflow Vulnerability
16869 Apple QuickTime TIFF Image Processing Strips/Bands Integer Overflow Vulnerability
16872 Apple QuickTime TGA Image Processing Remote Buffer Overflow Vulnerability
16873 Apple QuickTime TGA Image Processing Remote Integer Overflow Vulnerability
16875 Apple QuickTime TGA Image Processing Remote Integer Underflow Vulnerability