CVE-2007-2397

CVE-2007-2397 affects QuickTime for Java in Apple QuickTime prior to 7.2. The vulnerability arises because QuickTime for Java does not properly enforce permissions, allowing remote attackers to disable security controls and execute arbitrary code via crafted Java applets. Connected sources confir...

CVE-2007-2396

CVE-2007-2396 concerns the JDirect support in QuickTime for Java within Apple QuickTime prior to version 7.2. The vulnerability arises because JDirect exposes dangerous interfaces that can be abused by remote attackers via crafted Java applets to achieve arbitrary code execution. Some sources exp...

CVE-2007-2393

CVE-2007-2393 affects Apple QuickTime, specifically the QuickTime for Java component, prior to version 7.2. The vulnerability arises from a design flaw in the Java handling that allows remote attackers to bypass security controls and write to process memory via Java applets, potentially enabling ...

CVE-2007-2392

CVE-2007-2392 : Apple QuickTime before 7.2 on Mac OS X 10.3.9/10.4.9 is affected by a memory corruption vulnerability triggered by a crafted movie file, allowing user‑assisted remote code execution. The issue is documented across multiple sources (NVD entry and CERT notes). Affected product is Qu...

CVE-2007-2394

Apple QuickTime (Mac OS X) before 7.2 on 10.3.9/10.4.9 is affected by an integer overflow in SMIL parsing, specifically in title/author fields, due to improper memory allocation calculations. This can allow user‑assisted remote code execution when a user opens a crafted SMIL file or visits a craf...

Apple Quicktime信息泄露和代码执行漏洞

Apple QuickTime是一款流行的媒体播放程序。 Apple QuickTime存在多个安全问题，远程攻击者可以利用漏洞获得敏感信息或者执行任意代码。 CVE-ID: CVE-2007-2295： Apple QuickTime处理畸形H.264电影文件存在内存破坏问题，可导致任意代码执行或者拒绝服务。 CVE-ID: CVE-2007-2392： Apple QuickTime处理畸形电影文件存在内存破坏问题，可导致任意代码执行或者拒绝服务。 CVE-ID: CVE-2007-2296： Apple...

Apple QuickTime buffer overflow

Buffer overflow on SMIL format parsing...

US-CERT Technical Cyber Security Alert TA07-193A -- Apple Releases Security Updates for QuickTime

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-193A Apple Releases Security Updates for QuickTime Original release date: July 12, 2007 Last revised: -- Source: US-CERT Systems Affected Apple QuickTime on systems running Apple Mac OS X...

QuickTime < 7.2 Multiple Vulnerabilities

Binary data 4132.prm...

[Full-disclosure] iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability

Apple QuickTime SMIL File Processing Integer Overflow Vulnerability iDefense Security Advisory 07.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 11, 2007 I. BACKGROUND QuickTime is Apple's media player product used to render video and other media. For more information visit...

Apple QuickTime fails to properly handle malformed movie files

Overview Apple QuickTime fails to properly handle malformed movie files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description Apple QuickTime is multimedia software that allows users to view local and remote...

QuickTime < 7.2 Multiple Vulnerabilities (Windows)

The version of QuickTime installed on the remote Windows host is older than 7.2. Such versions contain several vulnerabilities that may allow an attacker to execute arbitrary code on the remote host if he can trick the user to open a specially crafted file with QuickTime. C Tenable Network...

QuickTime < 7.2 Multiple Vulnerabilities (Mac OS X)

The version of QuickTime installed on the remote Mac OS X host is older than 7.2. Such versions contain several vulnerabilities that may allow an attacker to execute arbitrary code on the remote host if he can trick the user to open a specially crafted file with QuickTime. C Tenable Network...

Apple QuickTime 7.1.5 - Information Disclosure Multiple Code Execution Vulnerabilities

Apple QuickTime 7.1.5 - Information Disclosure Multiple Code Execution Vulnerabilities source: https://www.securityfocus.com/bid/24873/info Apple QuickTime is prone to an information-disclosure and multiple remote code-execution vulnerabilities. Remote attackers may exploit these issues by entici...

Apple QuickTime 7.1.5 - Information Disclosure / Multiple Code Execution Vulnerabilities

source: https://www.securityfocus.com/bid/24873/info Apple QuickTime is prone to an information-disclosure and multiple remote code-execution vulnerabilities. Remote attackers may exploit these issues by enticing victims into opening maliciously crafted files or visiting maliciously crafted...

Apple Quicktime For Java远程堆溢出漏洞

Apple QuickTime是一款流行的多媒体播放器，支持多种媒体格式。 QuickTime的实现上存在漏洞，远程攻击者可能利用此漏洞控制用户机器。 QuickTime for Java可能允许在所分配的堆之外实例化或操作对象。漏洞起因是QTObject的子类没有正确设置安全限制，不可信任的Java代码允许将调用QTJava.dll中不安全函数的QuickTime对象归为子类，导致读写任意内存。如果用户受骗访问了包含有特制Java Applet的Web页面的话，就可能触发堆溢出，导致执行任意指令。 Apple QuickTime Player 7.1.6...

Apple QuickTime for Java security bypass vulnerability

Overview Apple QuickTime for Java fails to properly restrict the instantiation and manipulation of Java objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple QuickTime includes the ability to integrate QuickTim...

Apple QuickTime for Java information disclosure vulnerability

Overview Apple QuickTime for Java fails to properly clear memory. As a result, sensitive information may be exposed to unintended parties. Description Apple QuickTime includes the ability to integrate QuickTime into Java applications and applets. This feature is known as QuickTime for Java. Apple...

Quicktime Multiple Vulnerabilities (Mac OS X 7.1.6 Security Update)

According to its version, the installation of Quicktime on the remote Mac OS X host that contains a bug which might allow a rogue Java program to write anywhere in the heap. An attacker may be able to leverage these issues to execute arbitrary code on the remote host by luring a victim into...

QuickTime < 7.1.6 Security Update (Windows)

The version of QuickTime installed on the remote Windows host is less than 7.1.6.200, the version associated with Apple's Security Update QuickTime 7.1.6. As a result, a remote attacker who can trick a user on the affected system into opening a malicious Java applet using QuickTime may be able to...