CVE-2012-0668

CVE-2012-0668 is a vulnerability in Apple QuickTime where the RLE decoding path in QuickTime’s movie sample handling can overflow a buffer. The issue allows remote attackers to trigger a buffer overflow, enabling arbitrary code execution or a denial of service (application crash) by the user open...

CVE-2012-0667

CVE-2012-0667 affects Apple QuickTime on Windows prior to 7.7.2. The vulnerability resides in the QuickTimeVR.qtx component, where a signedness error in processing a QTVRStringAtom leads to an integer overflow, enabling remote code execution or an application crash when a crafted QTVR movie is op...

CVE-2012-0666

The CVE-2012-0666 entry is confirmed to have concrete technical details in connected documents: Apple QuickTime on Windows contains a stack-based buffer overflow in the QuickTime plugin (QTPluginControl::SetLanguage) triggered via crafted QTMovie objects, enabling remote code execution or a crash...

CVE-2012-0665

CVE-2012-0665 describes a heap-based buffer overflow in Apple QuickTime’s H.264 movie handling (specifically in the AVCC header logic) that can allow remote code execution when processing a crafted movie file. The issue affects vulnerable QuickTime versions prior to 7.7.2 and can be exploited wit...

CVE-2012-0664

CVE-2012-0664 affects Apple QuickTime on Windows prior to version 7.7.2. It is a heap-based buffer overflow in QuickTime’s handling of text tracks in a movie file, exploited via a crafted text track to execute arbitrary code or crash the application. Apple’s advisory notes QuickTime 7.7.2 as the ...

CVE-2012-0663

CVE-2012-0663 concerns Apple QuickTime on Windows, where TeXML processing is vulnerable to stack-based buffer overflows in QuickTime before 7.7.2. The issue arises while parsing TeXML elements (e.g., color strings and transform attributes), allowing a remote attacker to trigger arbitrary code exe...

CVE-2012-0265

CVE-2012-0265 is a stack-based buffer overflow in Apple QuickTime prior to 7.7.2 on Windows, exploitable via a crafted file pathname to execute arbitrary code or cause a crash. Public references confirm multiple CVEs around QuickTime 7.7.2 vulnerabilities and list CVE-2012-0265 among them. The Op...

CVE-2012-0663 Apple Quicktime Buffer Overflow

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. Recent assessments: wchen-r7 at September 12, 20...

Apple Releases QuickTime 7.7.2

Apple has released QuickTime 7.7.2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple Support Article HT5261 and apply any necessary updates ...

QuickTime < 7.7.2 Multiple Vulnerabilities (Windows)

The version of QuickTime installed on the remote Windows host is older than 7.7.2 and may be affected by the following vulnerabilities : - An uninitialized memory access issue exists in the handling of MP4 encoded files. CVE-2011-3458 - An off-by-one buffer overflow exists in the handling of rdrf...

Apple QuickTime JPEG 2000 COD Length Integer Underflow (CVE-2011-3250)

A remote code execution vulnerability has been reported in Apple QuickTime...

CVE-2012-0660

Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted MPEG file...

CVE-2012-0658

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted audio sample tables in a movie file that is progressively downloaded...

CVE-2012-0659

Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted MPEG file...

CVE-2012-0661

Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file with JPEG2000 encoding...

Integer overflow

Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted MPEG file...

Design/Logic Flaw

Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file with JPEG2000 encoding...

Buffer overflow

Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted MPEG file...

Buffer overflow

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted audio sample tables in a movie file that is progressively downloaded...

CVE-2012-0658

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted audio sample tables in a movie file that is progressively downloaded...