cURL Buffer Overflow Vulnerability
>> TAG: #buffer-overflow
cURL Buffer Overflow Vulnerability
Zero Day Initiative Advisory 12-05 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application decodes video samples encoded with the RLE codec.
iDefense Security Advisory 07.20.11 – Remote exploitation of a heap based buffer overflow vulnerability in WebKit, as included with Apple Inc.’s Safari Web browser, could allow an attacker to execute arbitrary code with the privileges of the current user. Safari versions prior to 5.1 and 5.0.6 are vulnerable.
Apple Security Advisory 2011-07-15-1 – A buffer overflow exists in FreeType’s handling of TrueType fonts. Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution
Paul Harrington of NGS Secure has discovered a high risk vulnerability in Mac OS X Image RAW. Multiple buffer overflow issues existed in Image RAW’s handling of Canon RAW images. Viewing a maliciously crafted Canon RAW image may result in an unexpected application termination or arbitrary code execution.
NetSupport Manager Agent suffers from a stack-based buffer overflow vulnerability.