Re: [Full-disclosure] ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability

To: security curmudgeon <jericho@xxxxxxxxxxxxx>, zdi-disclosures@xxxxxxxx
Subject: Re: [Full-disclosure] ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Sat, 24 Jan 2009 13:42:50 +0200 (EET)
Cc: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

CVE-2009-0006 is the correct CVE identifier and it is mentioned at Apple 
advisory
http://support.apple.com/kb/HT3403
too.

Juha-Matti

security curmudgeon [jericho@xxxxxxxxxxxxx] kirjoitti:

: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption: Vulnerability
: http://www.zerodayinitiative.com/advisories/ZDI-09-007
: January 21, 2009
:: -- CVE ID:
: CVE-2009-2006

CVE-2009-0006 perhaps?

Prev by Date: Re: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
Next by Date: Browse3d (.sfs file) Local Stack Overflow Exploit
Previous by thread: /bin/login DoS remains after DSA-1709
Next by thread: Browse3d (.sfs file) Local Stack Overflow Exploit
Index(es):
- Date
- Thread