- Home
- CVEs with nessus.description==The version of QuickTime installed on the remote Windows host is earlier than 7.7.5. It is, therefore, reportedly affected by the following vulnerabilities :
- Out-of-bounds byte swapping issues exist in the handling of QuickTime image descriptions and 'ttfo' elements. (CVE-2013-1032, CVE-2014-1250)
- An uninitialized pointer issue exists in the handling of track lists. (CVE-2014-1243)
- Buffer overflow vulnerabilities exist in the handling of H.264 encoded movie files, 'ftab' atoms, 'ldat' atoms, PSD images, and 'clef' atoms. (CVE-2014-1244, CVE-2014-1248, CVE-2014-1249, CVE-2014-1251)
- A signedness issue exists in the handling of 'stsz' atoms. (CVE-2014-1245)
- A memory corruption issue exists in the handling of 'dref' atoms. (CVE-2014-1247)
Successful exploitation of these issues could result in program termination or arbitrary code execution, subject to the user's privileges.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top