Apple QuickTime 7.7.2 MIME Type Buffer Overflow
This Metasploit module exploits a buffer overflow in Apple QuickTime 7.7.2. The stack based overflow occurs when processing a malformed Content-Type header. The module has been tested successfully on Safari 5.1.7 and 5.0.7 on Windows XP SP3.
Apple WGT Dictionnaire 1.3 Script Code Injection
Apple WGT Dictionnaire version 1.3 suffers from a script code injection vulnerability.
Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
This Metasploit module exploits a vulnerability found in Apple QuickTime.
Twitter 5.0 Eavesdropping Proof Of Concept
The Twitter 5.0 application for iPhone grabs images over HTTP and due to this, allows for a man in the middle attack / image swap. Proof of concept included.
Apple QuickTime 7.7.2 Buffer Overflow
Apple QuickTime versions 7.7.2 and below suffer from a buffer overflow vulnerability in the handling of TGA files.
Zero Day Initiative Advisory 12-185
Zero Day Initiative Advisory 12-185 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OSX. Authentication is not required to exploit this vulnerability.
Secunia Security Advisory 51226
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
Apple Security Advisory 2012-11-07-1
Apple Security Advisory 2012-11-07-1 - QuickTime version 7.7.3 is now available and addresses multiple buffer overflows, memory corruption, and use after free vulnerabilities.
Secunia Security Advisory 51157
Secunia Security Advisory - Two vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory 51162
Secunia Security Advisory - A weakness and multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people with physical access to bypass certain security restrictions and by malicious people to disclose certain system information and compromise a vulnerable device.