Apple QuickTime Player Remote Heap Overflow by Piotr Bania <[EMAIL PROTECTED]> http://www.piotrbania.com All rights reserved.
Severity: Critical - potencial remote code execution. Software affected: Tested on QucikTime 7.1 (Windows version), with all newest add-ons. Timeline: 03/09/2006 Vulerability sent to the vendor. 03/09/2006 Initial vendor response. 06/03/2007 Security bulletin released. Full advisory at: http://www.piotrbania.com/all/adv/quicktime-heap-adv-7.1.txt best regards, pb -- -------------------------------------------------------------------- Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19 Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33 http://www.piotrbania.com - Key ID: 0xBE43AC33 -------------------------------------------------------------------- - "The more I learn about men, the more I love dogs." _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/