CVE-2008-1015

Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie...

CVE-2008-1016

Apple QuickTime before 7.4.5 does not properly handle movie media tracks, which allows remote attackers to execute arbitrary code via a crafted movie that triggers memory corruption...

CVE-2008-1019

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted PICT image file, related to an improperly terminated memory copy loop...

CVE-2008-1021

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding...

CVE-2008-1020

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file with Kodak encoding, related to error checking and error messages...

CVE-2008-1015

CVE-2008-1015 describes a buffer overflow in the data reference atom handling of Apple QuickTime prior to version 7.4.5 . The issue allows an attacker to cause the player to terminate or execute arbitrary code when a user opens a specially crafted movie file, i.e., remote code execution is possib...

CVE-2008-1021

Apple QuickTime contains a heap-based buffer overflow in the Animation codec content handling that can allow remote code execution via a crafted QuickTime movie using Run Length Encoding. Affected product: Apple QuickTime Player prior to 7.4.5 (Windows). Evidence across sources confirms the vulne...

CVE-2008-1020

CVE-2008-1020 describes a heap-based buffer overflow in QuickTime’s quicktime.qts component when parsing Kodak-encoded PICT images, leading to arbitrary code execution under the user’s context. The vulnerability affects Apple QuickTime prior to 7.4.5 on Windows; the exploit requires opening a cra...

CVE-2008-1013

CVE-2008-1013 affects Apple QuickTime before version 7.4.5. The vulnerability arises from deserialization of QTJava objects by untrusted Java applets, enabling remote attackers to execute arbitrary code via a crafted applet. Impact is remote code execution with the attacker’s code running under t...

CVE-2008-1023

CVE-2008-1023 affects Apple QuickTime on Windows prior to 7.4.5. It is a heap-based buffer overflow in Clip opcode parsing triggered by a crafted PICT image file, enabling remote code execution. Remediation mentioned is upgrading to QuickTime 7.4.5 or applying the vendor patch (HT1241). The provi...

CVE-2008-1013

Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet...

CVE-2008-1023

Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file...

CVE-2008-1022

CVE-2008-1022 describes a stack-based buffer overflow in Apple QuickTime before 7.4.5, triggered by parsing the QuickTime VR VR movie atom named “obji” with a size of zero. A remote attacker could cause arbitrary code execution by delivering a crafted VR movie file that exploits this atom-parsing...

CVE-2008-1014

Apple QuickTime before 7.4.5 is affected by CVE-2008-1014 where specially crafted movies can trigger handling of external URLs, allowing remote attackers to obtain sensitive information. The vulnerability is tied to QuickTime’s processing of external URLs in movies, leading to information disclos...

CVE-2008-1019

Apple QuickTime (QuickTime.qts) prior to 7.4.5 contains a heap-based buffer overflow in PICT record parsing due to an improperly terminated memory copy loop. A crafted PICT image file can trigger remote code execution in the QuickTime process. Affected product/version: Apple QuickTime before 7.4....

CVE-2008-1018

CVE-2008-1018 is a heap-based overflow in Apple QuickTime parsing of the MP4A atom (chan) that allows remote code execution when a malformed QuickTime movie is opened. Affected product: Apple QuickTime before 7.4.5. Root cause: heap corruption in Channel Compositor atom parsing. Impact: arbitrary...

CVE-2008-1017

CVE-2008-1017 describes a heap‑based buffer overflow in the crgn atom parsing (quicktime.qts) of Apple QuickTime before 7.4.5. A crafted movie can cause arbitrary code execution in the user’s context. Affected product: Apple QuickTime (Windows/macOS)

CVE-2008-1016

CVE-2008-1016 concerns Apple QuickTime before 7.4.5. The flaw is in how QuickTime handles movie media tracks, causing memory corruption that can be triggered by a crafted movie file. Remote attackers could potentially execute arbitrary code or cause a crash when a user opens such a file. The vuln...

CVE-2008-1014

Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information...

CVE-2008-1022

Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted VR movie with an obji atom of zero size...