CVE-2005-3713

Related Files

Technical Cyber Security Alert 2006-11A

Posted Jan 15, 2006

Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA06-011A - Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service.

tags | advisory, denial of service, arbitrary, vulnerability

systems | apple

advisories | CVE-2005-4092, CVE-2005-3707, CVE-2005-3710, CVE-2005-3713, CVE-2005-2340

SHA-256 | 0c0b8f8abdfddc63d81776abdf6b6b68c7a274f47f34ee7f05bdec6bf949f506

Download | Favorite | View

EEYEB-20051031.txt

Posted Jan 15, 2006

Authored by Fang Xing | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a critical heap overflow in the Apple Quicktime player that allows for the execution of arbitrary code via a maliciously crafted GIF file. This flaw has proven to allow for reliable control of data on the heap chunk and can be exploited via a web site by using ActiveX controls.

tags | advisory, web, overflow, arbitrary, activex

systems | apple

advisories | CVE-2005-3713

SHA-256 | cc94c3ea3b6b057626aed1b68cf54134be69b95753dba40f5fb6627667ad207f

Download | Favorite | View

EEYEB-20051229.txt

Posted Jan 15, 2006

Authored by Fang Xing | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in QuickTime Player. There is a stack overflow in the way QuickTime processes qtif format files. An attacker can create a qtif file and send it to the user via email, web page, or qtif file with activex and can directy overflow a function pointer immediately used so it can bypass any stack overflow protection in systems such as xp sp2 and 2003 sp1.

tags | advisory, web, overflow, activex

advisories | CVE-2005-3713

SHA-256 | f381d5232929605ca4544156e61651d6220094f6bc738402ffb8bfa678a9c719

Download | Favorite | View