CVE-2007-3751

Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors...

CVE-2007-4672

Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image...

CVE-2007-4676

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing 1 Poly type 0x0070 through 0x0074 and 2 PackBitsRgn field 0x0099 opcodes in a PICT image...

CVE-2007-4677

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom CTAB in a movie file, related to the CTAB RGB values...

Heap overflow

Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR QuickTime Virtual Reality movie file containing a large size field in the atom header of a panorama sample atom...

CVE-2007-2395

Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption."...

CVE-2007-3750

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor STSD atoms in a movie file...

CVE-2007-3751

Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors...

CVE-2007-4675

Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR QuickTime Virtual Reality movie file containing a large size field in the atom header of a panorama sample atom...

CVE-2007-4676

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing 1 Poly type 0x0070 through 0x0074 and 2 PackBitsRgn field 0x0099 opcodes in a PICT image...

CVE-2007-4677

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom CTAB in a movie file, related to the CTAB RGB values...

CVE-2007-4672

Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image...

CVE-2007-4676

CVE-2007-4676 is a heap-based buffer overflow in Apple QuickTime prior to 7.3. The vulnerability occurs when parsing PICT images, specifically via malformed elements in the Poly type (0x0070–0x0074) and the PackBitsRgn field (0x0099) opcodes, potentially allowing a remote attacker to execute arbi...

CVE-2007-4675

CVE-2007-4675 summary (Apple QuickTime): A heap-based buffer overflow in the QuickTime VR extension (QTVR) 7.2.0.240, embedded in QuickTime.qts, allows remote code execution when a user opens a specially crafted QTVR movie file. The vulnerability is caused by an unvalidated size field in the pano...

CVE-2007-4672

Apple QuickTime before 7.3 contains a stack-based buffer overflow in processing PICT images due to an invalid UncompressedQuickTimeData opcode length, allowing remote code execution. Public sources (e.g., SAINT advisories and NVD entry) note the vulnerability exists and recommend upgrading to Qui...

CVE-2007-3751

The connected CERT advisory confirms CVE-2007-3751 affects Apple QuickTime for Java prior to QuickTime 7.3, where untrusted Java applets may gain elevated privileges and allow remote arbitrary code execution. Impact is that a remote, unauthenticated attacker could act with the user’s privileges i...

CVE-2007-4677

CVE-2007-4677 : A heap-based buffer/boundary overflow in Apple QuickTime prior to 7.3 occurs while parsing the color table atom (CTAB) in QuickTime movie files. The vulnerability stems from an invalid color table size during CTAB RGB value processing, leading to heap corruption and potential arbi...

CVE-2007-3750

CVE-2007-3750 : Heap-based buffer overflow in Apple QuickTime prior to 7.3. The flaw occurs when parsing the Sample Table Sample Descriptor (STSD) atom in QuickTime movie files, allowing a remote attacker to execute arbitrary code. Exploitation described as requiring the user to open a crafted Qu...

CVE-2007-2395

Apple QuickTime before 7.3 contains a memory corruption vulnerability in handling image description atoms within movie files, allowing a remote attacker to execute arbitrary code. The CERT/NVD entries confirm a buffer/memory-related issue that can be triggered by a specially crafted QuickTime mov...

Apple QuickTime PICT Image Parsing Malformed Records (CVE-2007-4672; CVE-2007-4676; CVE-2009-0010)

Apple QuickTime is a multimedia player that supports a wide range of media formats. A buffer overflow vulnerability has been reported in Apple QuickTime. A remote attacker can exploit this vulnerability via a specially crafted PICT file - an image file format that can be processed by the QuickTim...