Back to search
CVE-2008-4116
Published: Sep 17, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
4270
third-party-advisory
x_refsource_SREASON
oval:org.mitre.oval:def:5936
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:7995
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:6113
vdb-entry
signature
x_refsource_OVAL
31212
vdb-entry
x_refsource_BID
6471
exploit
x_refsource_EXPLOIT-DB
quicktime-itunes-checkstackcookie-bo(45311)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now