Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple QuickTime 'QTPlugin.ocx' IPersistPropertyBag2::Read函数代码注入漏洞
Vulnerability Description
Apple QuickTime是一款非常流行的多媒体播放器。 Apple QuickTime 6.x,7.x和其他版本中的QTPlugin.ocx中的IPersistPropertyBag2::Read函数存在代码注入漏洞。QTPlugin.OCX控件检查对象的属性中是否存在_Marshaled_pUnk,如果存在就通过将地址从ASCII表示转换为数字表示(sub_10001310)进行散列,之后将所生成的指针用作了pStm(所要散列流上指向IStream接口的指针)CoGetInterfaceAndRe
CVSS Information
N/A
Vulnerability Type
N/A