Zero Day Initiative Advisory 12-076 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple’s QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
>> TAG: #exploit
Original post: [local exploits] – Vertrigoserv 2.27 Local Privilege Escalation Exploit
Apple Security Advisory 2012-05-15-1 – QuickTime 7.7.2 is now available and addresses multiple security issues. Multiple stack overflows existed in QuickTime’s handling of TeXML files. A heap overflow existed in QuickTime’s handling of text tracks.
Apple Quicktime does not properly parse .pct media files, which causes a corruption in module DllMain by opening a malformed file with an invalid value located in PoC repro01.pct at offset 0x20E. Quicktime Player version 7.7.1 (1680.42) on Windows XP SP 3 – PT_BR is confirmed affected.
Apple Security Advisory 2012-05-14-1 – This update runs a malware removal tool that will remove the most common variants of the Flashback malware.
Apple Security Advisory 2012-05-09-2 – Safari 5.1.7 is now available and addresses multiple WebKit related vulnerabilities.
Secunia Security Advisory – A security issue has been reported in Apple Mac OS X, which can be exploited by malicious people with physical access to bypass certain security restrictions.
Read More: [webapps / 0day] – myCare2x CMS – Multiple Web Vulnerabilities
More: [webapps / 0day] – MyClientBase v0.12 – Multiple Vulnerabilities
View article: [webapps / 0day] – Opial CMS v2.0 Multiple Vulnerabilities