[VIM] ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability

security curmudgeon jericho at attrition.org
Sat Apr 17 19:37:39 UTC 2010


Hi ZDI,

: ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability
: http://www.zerodayinitiative.com/advisories/ZDI-10-068
: April 9, 2010
: CVE-2010-0062
: 2010-04-06 - Vulnerability reported to vendor
: 2010-04-09 - Coordinated public release of advisory

This CVE is also associated with:

http://www.zerodayinitiative.com/advisories/ZDI-10-036/
Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability
April 2nd, 2010
CVE-2010-0062
2009-08-10 - Vulnerability reported to vendor
2010-04-02 - Coordinated public release of advisory

Could you provide confirmation and/or clarification on why there are two 
advisories for this?

Thanks,

Brian
OSVDB.org



More information about the VIM mailing list