The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x prior to 7.6.8, and other versions allows remote malicious users to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apple quicktime 6.0.1 |
||
apple quicktime 6.0.2 |
||
apple quicktime 6.5 |
||
apple quicktime 6.5.0 |
||
apple quicktime 7.0.3 |
||
apple quicktime 7.0.4 |
||
apple quicktime 7.1.6 |
||
apple quicktime 7.2 |
||
apple quicktime 7.4 |
||
apple quicktime 7.4.0 |
||
apple quicktime 7.6.2 |
||
apple quicktime 7.6.5 |
||
apple quicktime 7.6.6 |
||
apple quicktime 6.1.1 |
||
apple quicktime 6.2.0 |
||
apple quicktime 7.0 |
||
apple quicktime 7.0.0 |
||
apple quicktime 7.1.2 |
||
apple quicktime 7.1.3 |
||
apple quicktime 7.3 |
||
apple quicktime 7.3.0 |
||
apple quicktime 7.5.0 |
||
apple quicktime 7.5.5 |
||
apple quicktime 6.1 |
||
apple quicktime 6.1.0 |
||
apple quicktime 6.5.1 |
||
apple quicktime 6.5.2 |
||
apple quicktime 7.1 |
||
apple quicktime 7.1.0 |
||
apple quicktime 7.1.1 |
||
apple quicktime 7.2.0 |
||
apple quicktime 7.2.1 |
||
apple quicktime 7.4.1 |
||
apple quicktime 7.4.5 |
||
apple quicktime 7.6.7 |
||
apple quicktime 6.0 |
||
apple quicktime 6.0.0 |
||
apple quicktime 6.3.0 |
||
apple quicktime 6.4.0 |
||
apple quicktime 7.0.1 |
||
apple quicktime 7.0.2 |
||
apple quicktime 7.1.4 |
||
apple quicktime 7.1.5 |
||
apple quicktime 7.3.1 |
||
apple quicktime 7.3.1.70 |
||
apple quicktime 7.6.0 |
||
apple quicktime 7.6.1 |
Vulmon