CVE-2006-4384 - CVE Reference - Advisories

CVE Reference: CVE-2006-4384

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4384

Description: Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28930 ST 1016830 SREASON http://securityreason.com/securityalert/1554 SAID Secunia Advisory: SA29182 Secunia Advisory: SA21893 OSVDB 28771 MISC http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=25 http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=24 IDEFENSE http://www.idefense.com/intelligence/vulnerabilities/display.php?id=413 GENTOO http://security.gentoo.org/glsa/glsa-200803-08.xml CONFIRM http://docs.info.apple.com/article.html?artnum=304357 CERT-VN 489836 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/446134/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/445888/100/0/threaded BID 19976 APPLE http://lists.apple.com/archives/Security-announce/2006/Sep/msg00000.html

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	WMNews Cross-Site Scripting Vulnerabilities

2.	Joomla Community Builder Component File Inclusion

3.	dotProject SQL Injection and Cross-Site Scripting

4.	Novell eDirectory Multiple Vulnerabilities

5.	HP TCP/IP Services for OpenVMS Finger Format String Vulnerability

6.	OpenOffice "rtl_allocateMe mory()" Truncation Vulnerability

7.	Acoustica Mixcraft ".mx4" File Processing Buffer Overflow

8.	Slackware update for amarok

9.	Sun Solaris Kernel Covert Channel Security Bypass

10.	Blogn Cross-Site Scripting and Cross-Site Request Forgery