Code injection

Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote attackers to execute arbitrary programs, as originally demonstrated by crafted file...

CVE-2008-1583

Heap-based buffer overflow in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PICT image, a different vulnerability than CVE-2008-1581...

CVE-2008-1582

Unspecified vulnerability in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted AAC-encoded file that triggers memory corruption...

CVE-2008-1584

Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service crash or execute arbitrary code via crafted Indeo video codec content in a movie file...

CVE-2008-1585

Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote attackers to execute arbitrary programs, as originally demonstrated by crafted file...

CVE-2008-1581

Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted packed scanlines in PixData structures in a PICT image...

CVE-2008-1581

Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted packed scanlines in PixData structures in a PICT image...

CVE-2008-1583

Heap-based buffer overflow in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PICT image, a different vulnerability than CVE-2008-1581...

CVE-2008-1584

Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service crash or execute arbitrary code via crafted Indeo video codec content in a movie file...

CVE-2008-1585

Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote attackers to execute arbitrary programs, as originally demonstrated by crafted file...

CVE-2008-1581

Apple QuickTime for Windows prior to 7.5 is affected by a heap-based buffer overflow in the PixData structure used when processing PICT images, allowing remote attackers to crash the player and potentially execute arbitrary code via crafted PICT content. Multiple sources corroborate a set of rela...

CVE-2008-1582

Unspecified vulnerability in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted AAC-encoded file that triggers memory corruption...

CVE-2008-1585

CVE-2008-1585 concerns Apple QuickTime

CVE-2008-1584

Apple QuickTime before 7.5 is affected by a stack-based buffer overflow in Indeo.qtx when parsing Indeo video content, allowing remote attackers to crash the player or execute arbitrary code via crafted movie files. The vulnerability stems from inadequate bounds checking in Indeo.qtx. Affected pr...

CVE-2008-1583

CVE-2008-1583 relates to Apple QuickTime before 7.5, where a heap-based buffer overflow occurs while processing PICT images. The vulnerability arises in the PixData handling, enabling remote attackers to crash the player and potentially execute arbitrary code. Public records in the provided docum...

CVE-2008-1582

Apple QuickTime before 7.5 contains a memory corruption vulnerability in handling AAC-encoded media, allowing remote attackers to crash the player and potentially execute arbitrary code by opening a crafted AAC file. This CVE (CVE-2008-1582) is part of a set of related issues affecting QuickTime

Apple QuickTime SMIL qtnext Redirect File Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the handling of SMIL text embedded in video...

QuickTime < 7.5 Multiple Vulnerabilities (Mac OS X)

The version of QuickTime installed on the remote Mac OS X host is older than 7.5. Such versions contain several vulnerabilities : - There is a heap-based buffer overflow in QuickTime's handling of PICT image files that could result in a program crash or arbitrary code execution CVE-2008-1583. -...

Secunia Research: Apple QuickTime PICT Image Parsing Buffer Overflow

====================================================================== Secunia Research 10/06/2008 - Apple QuickTime PICT Image Parsing Buffer Overflow - ====================================================================== Table of Contents Affected...

ZDI-08-037: Apple QuickTime Indeo Video Buffer Overflow Vulnerability

ZDI-08-037: Apple QuickTime Indeo Video Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-037 June 10, 2008 -- CVE ID: CVE-2008-1584 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint IPS customer...