3024 matches found
CVE-2008-1015
Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie...
CVE-2008-1016
Apple QuickTime before 7.4.5 does not properly handle movie media tracks, which allows remote attackers to execute arbitrary code via a crafted movie that triggers memory corruption...
CVE-2008-1019
Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted PICT image file, related to an improperly terminated memory copy loop...
CVE-2008-1021
Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding...
CVE-2008-1020
Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file with Kodak encoding, related to error checking and error messages...
CVE-2008-1015
CVE-2008-1015 describes a buffer overflow in the data reference atom handling of Apple QuickTime prior to version 7.4.5 . The issue allows an attacker to cause the player to terminate or execute arbitrary code when a user opens a specially crafted movie file, i.e., remote code execution is possib...
CVE-2008-1021
Apple QuickTime contains a heap-based buffer overflow in the Animation codec content handling that can allow remote code execution via a crafted QuickTime movie using Run Length Encoding. Affected product: Apple QuickTime Player prior to 7.4.5 (Windows). Evidence across sources confirms the vulne...
CVE-2008-1020
CVE-2008-1020 describes a heap-based buffer overflow in QuickTime’s quicktime.qts component when parsing Kodak-encoded PICT images, leading to arbitrary code execution under the user’s context. The vulnerability affects Apple QuickTime prior to 7.4.5 on Windows; the exploit requires opening a cra...
CVE-2008-1013
CVE-2008-1013 affects Apple QuickTime before version 7.4.5. The vulnerability arises from deserialization of QTJava objects by untrusted Java applets, enabling remote attackers to execute arbitrary code via a crafted applet. Impact is remote code execution with the attacker’s code running under t...
CVE-2008-1018
Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor aka chan atom...
CVE-2008-1023
CVE-2008-1023 affects Apple QuickTime on Windows prior to 7.4.5. It is a heap-based buffer overflow in Clip opcode parsing triggered by a crafted PICT image file, enabling remote code execution. Remediation mentioned is upgrading to QuickTime 7.4.5 or applying the vendor patch (HT1241). The provi...
CVE-2008-1022
Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted VR movie with an obji atom of zero size...
CVE-2008-1013
Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet...
CVE-2008-1023
Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file...
CVE-2008-1022
CVE-2008-1022 describes a stack-based buffer overflow in Apple QuickTime before 7.4.5, triggered by parsing the QuickTime VR VR movie atom named “obji” with a size of zero. A remote attacker could cause arbitrary code execution by delivering a crafted VR movie file that exploits this atom-parsing...
CVE-2008-1014
Apple QuickTime before 7.4.5 is affected by CVE-2008-1014 where specially crafted movies can trigger handling of external URLs, allowing remote attackers to obtain sensitive information. The vulnerability is tied to QuickTime’s processing of external URLs in movies, leading to information disclos...
CVE-2008-1019
Apple QuickTime (QuickTime.qts) prior to 7.4.5 contains a heap-based buffer overflow in PICT record parsing due to an improperly terminated memory copy loop. A crafted PICT image file can trigger remote code execution in the QuickTime process. Affected product/version: Apple QuickTime before 7.4....
CVE-2008-1018
CVE-2008-1018 is a heap-based overflow in Apple QuickTime parsing of the MP4A atom (chan) that allows remote code execution when a malformed QuickTime movie is opened. Affected product: Apple QuickTime before 7.4.5. Root cause: heap corruption in Channel Compositor atom parsing. Impact: arbitrary...
CVE-2008-1017
CVE-2008-1017 describes a heap‑based buffer overflow in the crgn atom parsing (quicktime.qts) of Apple QuickTime before 7.4.5. A crafted movie can cause arbitrary code execution in the user’s context. Affected product: Apple QuickTime (Windows/macOS)
CVE-2008-1016
CVE-2008-1016 concerns Apple QuickTime before 7.4.5. The flaw is in how QuickTime handles movie media tracks, causing memory corruption that can be triggered by a crafted movie file. Remote attackers could potentially execute arbitrary code or cause a crash when a user opens such a file. The vuln...