漏洞信息详情

Apple QuickTime畸形TIFF图形溢出漏洞

  • CNNVD编号:CNNVD-200512-1000
  • 危害等级: 高危
  • CVE编号: CVE-2005-3711
  • 漏洞类型: 数字错误
  • 发布时间: 2005-12-31
  • 威胁类型: 远程
  • 更新时间: 2006-05-24
  • 厂        商: apple
  • 漏洞来源: Dejun Meng vulnmo...

漏洞简介

Apple QuickTime Player是QuickTime软件包的一个组件,可提供高质量声音和图象的媒体播放功能。

QuickTime Player处理特制的TIFF图形时存在整数溢出漏洞,可能导致拒绝服务或执行任意代码。

漏洞公告

目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:

http://www.apple.com/quicktime/

参考网址

来源: BID

名称: 16202

链接:http://www.securityfocus.com/bid/16202

来源: VUPEN

名称: ADV-2006-0128

链接:http://www.frsirt.com/english/advisories/2006/0128

来源: SECUNIA

名称: 18370

链接:http://secunia.com/advisories/18370

来源: APPLE

名称: APPLE-SA-2006-01-10

链接:http://docs.info.apple.com/article.html?artnum=303101

来源: XF

名称: quicktime-tiff-overflow(24059)

链接:http://xforce.iss.net/xforce/xfdb/24059

来源: BUGTRAQ

名称: 20060112 Fortinet Advisory - Apple QuickTime Player StripByteCounts Buffer Overflow Vulnerability

链接:http://www.securityfocus.com/archive/1/archive/1/421831/100/0/threaded

来源: BUGTRAQ

名称: 20060112 Fortinet Advisory - Apple QuickTime Player StripOffsets Improper Memory Access

链接:http://www.securityfocus.com/archive/1/archive/1/421799/100/0/threaded

来源: OSVDB

名称: 22337

链接:http://www.osvdb.org/22337

来源: SECTRACK

名称: 1015465

链接:http://securitytracker.com/id?1015465

来源: FULLDISC

名称: 20060112 Fortinet Advisory - Apple QuickTime Player StripByteCounts Buffer Overflow Vulnerability

链接:http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0442.html 来源:NSFOCUS 名称:8392※8395※8394※8393 链接:http://www.nsfocus.net/vulndb/8392※8395※8394※8393

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多