apple quicktime 4.1.2 vulnerabilities and exploits

(subscribe to this query)

Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote malicious users to execute arbitrary commands via a long HREF parameter in an EMBED tag.

Apple Quicktime 4.1.2

1 EDB exploit

parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote malicious users to obtain the physical path of the server's installation path via a NULL file parameter.

Apple Darwin Streaming Server 4.1.2 Apple Quicktime Streaming Server 4.1.1

parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote malicious users to list arbitrary directories.

Apple Darwin Streaming Server 4.1.2 Apple Quicktime Streaming Server 4.1.1

parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote malicious users to execute arbitrary code via shell metacharacters.

Apple Darwin Streaming Server 4.1.2 Apple Quicktime Streaming Server 4.1.1

1 EDB exploit

Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote malicious users to insert arbitrary script via the filename parameter, which is inserted into an error message.

Apple Darwin Streaming Server 4.1.2 Apple Quicktime Streaming Server 4.1.1

parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote malicious users to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages.

Apple Darwin Streaming Server 4.1.2 Apple Quicktime Streaming Server 4.1.1

Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote malicious users to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when...

Apple Darwin Streaming Server 4.1.2 Apple Quicktime Streaming Server 4.1.1

Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote malicious users to read arbitrary files via a ... (triple dot) in the filename parameter.

Apple Darwin Streaming Server 4.1.2 Apple Quicktime Streaming Server 4.1.1

1 EDB exploit

Stack-based buffer overflow in Apple QuickTime prior to 7.1 allows remote malicious users to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information.

Apple Quicktime Apple Quicktime 3.0 Apple Quicktime 4.1.2 Apple Quicktime 5.0 Apple Quicktime 5.0.1 Apple Quicktime 6.0 Apple Quicktime 6.0.1 Apple Quicktime 6.0.2 Apple Quicktime 6.1 Apple Quicktime 6.1.0 Apple Quicktime 6.1.1 Apple Quicktime 6.2.0

Stack-based buffer overflow in Apple QuickTime prior to 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.

Apple Quicktime Apple Quicktime -Apple Quicktime 3.0 Apple Quicktime 4.1.2 Apple Quicktime 5.0 Apple Quicktime 5.0.1 Apple Quicktime 5.0.2 Apple Quicktime 6.0 Apple Quicktime 6.1 Apple Quicktime 6.5 Apple Quicktime 6.5.1 Apple Quicktime 6.5.2

8 EDB exploits

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook