CVE-2011-3221

Related Files

Apple Security Advisory 2011-10-26-1

Posted Oct 28, 2011

Authored by Apple | Site apple.com

Apple Security Advisory 2011-10-26-1 - QuickTime 7.7.1 is now available and addresses memory disclosure, arbitrary code execution, script injection, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution

systems | apple

advisories | CVE-2011-3219, CVE-2011-3220, CVE-2011-3221, CVE-2011-3218, CVE-2011-3222, CVE-2011-3223, CVE-2011-3228, CVE-2011-3247, CVE-2011-3248, CVE-2011-3249, CVE-2011-3250, CVE-2011-3251

SHA-256 | 151e9a6bdb019b931ecf77d87bbf59eb16ed9d92b2e975ee1c0e5a7b931ccf76

Download | Favorite | View

Zero Day Initiative Advisory 11-312

Posted Oct 27, 2011

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-312 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses the atom hierarchy within a QuickTime movie file. In a certain situation the application will pass execution to another function for handling the atom, however, will pass the incorrect number of arguments. Due to this, a variable will be treated as a pointer. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution

systems | apple

advisories | CVE-2011-3221

SHA-256 | cb365aed44c81961888502d4e300903ac4ba55d40337e597ccdb589e14a421f0

Download | Favorite | View