Buffer overflow

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted ldat atom in a movie file...

Buffer overflow

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file with H.264 encoding...

CVE-2014-1245

Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted stsz atom in a movie file...

CVE-2014-1250

CVE-2014-1250 affects Apple QuickTime prior to 7.7.5. The issue is described as an out-of-bounds memory access caused by improper byte-swapping in the ttfo element of a movie file, enabling remote code execution or a crash. The connected sources corroborate QuickTime-related vulnerabilities and l...

CVE-2014-1247

Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted dref atom in a movie file...

CVE-2014-1243

Apple QuickTime before 7.7.5 is affected by CVE-2014-1243 due to an uninitialized pointer in track list handling, allowing remote arbitrary code execution or a crash when processing crafted movie files. Exploitation is described in multiple sources (e.g., ZDI-14-044 states a nam atom parsing flaw...

CVE-2014-1243

Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted track list in a movie file...

CVE-2014-1247

CVE-2014-1247 affects Apple QuickTime prior to 7.7.5. A flaw in handling of dref atoms (as described in ZDI-14-046) can allow remote code execution or memory corruption when a user opens a crafted movie file or visits a malicious page; user interaction is required. Impact is execution of arbitrar...

CVE-2014-1244

Apple QuickTime contains a buffer overflow in the H.264 handling path that can allow remote code execution or denial of service when processing a crafted movie file, affecting QuickTime versions prior to 7.7.5 (Windows). The issue is one of multiple vulnerabilities described for QuickTime fixed i...

CVE-2014-1251

Apple QuickTime (Windows) before 7.7.5 is affected by a buffer overflow in the parsing of the clef atom within movie files. The underlying issue is a malformed clef atom that can overflow an allocated buffer, enabling either remote code execution or application crash when a user opens a crafted f...

CVE-2014-1246

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted ftab atom in a movie file...

CVE-2014-1251

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted clef atom in a movie file...

CVE-2014-1250

Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds memory access and application crash via a crafted ttfo element in a movie file...

CVE-2014-1249

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PSD image...

CVE-2014-1244

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file with H.264 encoding...

CVE-2014-1248

CVE-2014-1248 affects Apple QuickTime prior to 7.7.5. A buffer overflow in the handling of the ldat atom in movie files can allow remote code execution or cause an application crash (DoS). Mitigation: apply QuickTime 7.7.5 or later updates where this issue was addressed. Exploitation details are ...

CVE-2014-1246

CVE-2014-1246 refers to a buffer overflow in Apple QuickTime prior to 7.7.5. The vulnerability occurs in the handling of the ‘ftab’ atom when parsing movie files, enabling remote attackers to cause arbitrary code execution or an application crash. Affected product: Apple QuickTime. Root cause: me...

CVE-2014-1248

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted ldat atom in a movie file...

CVE-2014-1245

Apple QuickTime before 7.7.5 contains a vulnerability in the processing of the stsz atom within movie files. This can allow remote code execution or a crash when a crafted stsz value is processed in a QuickTime viewing context. Exploitation requirements include user interaction (per ZDI advisory)...

CVE-2014-1249

CVE-2014-1249 affects Apple QuickTime before 7.7.5. The vulnerability is a buffer overflow in the PSD image handling used by QuickTime, which can lead to remote arbitrary code execution or an application crash. Connected sources corroborate a PSD-related overflow in QuickTime, with multiple OpenV...