Secunia
Login
|
|
CVE Reference: CVE-2011-1417 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2011-1417 |
|
|
Description: Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a Microsoft Office document with a crafted size field in the OfficeArtMetafileHeader, related to OfficeArtBlip, as demonstrated on the iPhone by Charlie Miller and Dion Blazakis during a Pwn2Own competition at CanSecWest 2011. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA44154 MISC http://www.zerodayinitiative.com/advisories/ZDI-11-109/ http://www.zdnet.com/blog/security/charlie-miller-wins-pwn2own-again-with-iphone-4-exploit/8378 http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 CONFIRM http://support.apple.com/kb/HT5003 http://support.apple.com/kb/HT4581 http://support.apple.com/kb/HT4607 APPLE http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00005.html |
|
| Return to the previous page. |
