Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Apple Quicktime 7.6.0 - Windows (not an official CPE)
Apple Quicktime 7.5.5 for Windows
Apple Quicktime 7.5.0 for Windows
Apple Quicktime 7.4.5 for Windows
Apple Quicktime 7.4.1 for Windows
Apple Quicktime 7.4.0 for Windows
Apple Quicktime 7.3.1 for Windows
Apple Quicktime 7.3.0 for Windows
Apple Quicktime 7.2.1 for Windows
Apple Quicktime 7.1.6 for Windows
Apple Quicktime 7.2.0 for Windows
Apple Quicktime 7.1.5 for Windows
Apple Quicktime 7.1.4 for Windows
Apple Quicktime 7.1.3 for Windows
Apple Quicktime 7.1.2 for Windows
Apple Quicktime 7.1.1 for Windows
Apple Quicktime 7.1.0 for Windows
Apple Quicktime 7.0.4 for Windows
Apple Quicktime 7.0.3 for Windows
Apple Quicktime 7.0.2 Windows
Apple Quicktime 7.0.1 Windows
Apple Quicktime 7.0.0 for Windows
Improper Restriction of Operations within the Bounds of a Memory Buffer (ID 119)
Related CAPEC 11
Buffer Overflow via Environment Variables (CAPEC-ID 10)
Overflow Buffers (CAPEC-ID 100)
Client-side Injection-induced Buffer Overflow (CAPEC-ID 14)
Filter Failure through Buffer Overflow (CAPEC-ID 24)
MIME Conversion (CAPEC-ID 42)
Overflow Binary Resource File (CAPEC-ID 44)
Buffer Overflow via Symbolic Links (CAPEC-ID 45)
Overflow Variables and Tags (CAPEC-ID 46)
Buffer Overflow via Parameter Expansion (CAPEC-ID 47)
Buffer Overflow in an API Call (CAPEC-ID 8)
Buffer Overflow in Local Command-Line Utilities (CAPEC-ID 9)