CVE-2012-3755

Apple QuickTime < 7.7.3 - Remote Code Execution via Crafted Targa Image

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3755. PoCs published by Senator of Pirates.

AI-analyzed exploit summary The provided text describes a buffer overflow vulnerability in Apple QuickTime (CVE-2012-3755) affecting versions prior to 7.7.3. The flaw exists in the handling of TGA file images with invalid encoded width fields, leading to a heap-based buffer overflow. The PoC is referenced as external download links.

Description

Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Targa image.

Exploits (1)

exploitdb WRITEUP

by Senator of Pirates · textdoswindows

https://www.exploit-db.com/exploits/22855

View Code ZIP pw:eip

The provided text describes a buffer overflow vulnerability in Apple QuickTime (CVE-2012-3755) affecting versions prior to 7.7.3. The flaw exists in the handling of TGA file images with invalid encoded width fields, leading to a heap-based buffer overflow. The PoC is referenced as external download links.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Apple QuickTime <= 7.7.2

No auth needed

Prerequisites: Crafted TGA file with invalid encoded width field

MITRE ATT&CK