Untrusted search path vulnerability in the Picture Viewer in Apple QuickTime before 7.6.8 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) CoreVideo.dll, (2) CoreGraphics.dll, or (3) CoreAudioToolbox.dll that is located in the same folder as a .pic image file.
References
Link | Resource |
---|---|
http://www.fortiguard.com/advisory/FGA-2010-46/ | |
http://lists.apple.com/archives/security-announce/2010/Sep/msg00003.html | Patch Vendor Advisory |
http://support.apple.com/kb/HT4339 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2013-12-26 17:55
Updated : 2013-12-27 07:27
NVD link : CVE-2010-1819
Mitre link : CVE-2010-1819
JSON object : View
CWE
Products Affected
apple
- quicktime