Access of Uninitialized Pointer
CVE-2010-1818
Summary
The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.
- MEDIUM
- NETWORK
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
CWE-824 - Access of Uninitialized Pointer
The program accesses or uses a pointer that has not been initialized.
References
Advisory Timeline
- Published