CVE-2006-4389

Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix FPX file, which triggers an exception that leads to an operation on an uninitialized object...

CVE-2006-4388

Apple QuickTime (Mac and Windows) contains an integer overflow in FlashPix (FPX) format handling, listed as CVE-2006-4388, enabling user-assisted remote code execution via a crafted FPX file. Public advisories (GLSA 200803-08, etc.) group these with other QuickTime format issues and note that App...

CVE-2006-4381

Apple QuickTime versions before 7.1.3 are affected by multiple integer/buffer overflow vulnerabilities in the H.264 processing path. A crafted H.264 movie (or other crafted media) can lead to remote code execution with the user’s privileges, typically via user interaction (opening a malicious fil...

CVE-2006-4385

CVE-2006-4385 refers to a buffer overflow in Apple QuickTime’s SGI image handling that could allow a user-assisted remote attacker to execute arbitrary code. Affected product: Apple QuickTime prior to 7.1.3 (Windows and Mac) with SGI format processing vulnerable. Impact per sources: potential rem...

CVE-2006-4382

CVE-2006-4382 affects Apple QuickTime prior to 7.1.3 (Mac OS X and Windows). Multiple vulnerabilities in QuickTime formats (MOV, FLC, SGI, H.264, FPX) include buffer/heap/integer overflows that could enable remote code execution when a user opens a crafted file. The advisories consistently state ...

CVE-2006-4389

Apple QuickTime (Windows and Mac OS X) prior to version 7.1.3 is affected by CVE-2006-4389 (FPX/FlashPix format) where an exception leads to an operation on an uninitialized object, enabling user-assisted remote code execution. The issue is part of a set of QuickTime vulnerabilities (MOV/FPX/SGI/...

CVE-2006-4386

CVE-2006-4386 affects Apple QuickTime prior to 7.1.3. The issue is an integer overflow in the H.264 processing path that can be triggered by a crafted H.264 movie. This vulnerability allows an attacker to execute arbitrary code on a vulnerable host and requires user assistance to trigger. Affecte...

CVE-2006-4385

Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image...

CVE-2006-4388

Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file...

CVE-2006-4384

CVE-2006-4384 : A heap-based buffer overflow in Apple QuickTime prior to 7.1.3 allows a user-assisted remote attacker to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie. Impact is remote code execution within the user’s privileges; exploitation requires user interaction. Affec...

Quicktime < 7.1.3 Multiple Vulnerabilities

Binary data 3741.prm...

Apple QuickTime 67 - .FLC Movie COLOR_64 Chunk Overflow

Apple QuickTime 67 - .FLC Movie COLOR64 Chunk Overflow source: https://www.securityfocus.com/bid/19976/info Apple QuickTime is prone to multiple vulnerabilities because it fails to properly bounds-check and sanitize user-supplied data. An attacker can exploit these issues to execute arbitrary cod...

Apple QuickTime 6/7 - &#039;.FLC&#039; Movie COLOR_64 Chunk Overflow

source: https://www.securityfocus.com/bid/19976/info Apple QuickTime is prone to multiple vulnerabilities because it fails to properly bounds-check and sanitize user-supplied data. An attacker can exploit these issues to execute arbitrary code in the context of the victim user running the...

win32-codecs -- multiple vulnerabilities

The Apple Security Team reports that there are multiple vulnerabilities within QuickTime one of the plugins for win32-codecs. A remote attacker capable of creating a malicious SGI image, FlashPix, FLC movie, or a QuickTime movie can possibly lead to execution of arbitrary code or cause a Denial o...

QuickTime MOV file udta Atom buffer overflow

Added: 05/24/2006 CVE: CVE-2006-1460 BID: 17953 OSVDB: 25509 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution by a specially crafted Movie MOV file containing a long udta Atom. Resolution Upgrade to QuickTime...

QuickTime MOV file udta Atom buffer overflow

Added: 05/24/2006 CVE: CVE-2006-1460 BID: 17953 OSVDB: 25509 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution by a specially crafted Movie MOV file containing a long udta Atom. Resolution Upgrade to QuickTime...

QuickTime MOV file udta Atom buffer overflow

Added: 05/24/2006 CVE: CVE-2006-1460 BID: 17953 OSVDB: 25509 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution by a specially crafted Movie MOV file containing a long udta Atom. Resolution Upgrade to QuickTime...

QuickTime MOV file udta Atom buffer overflow

Added: 05/24/2006 CVE: CVE-2006-1460 BID: 17953 OSVDB: 25509 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution by a specially crafted Movie MOV file containing a long udta Atom. Resolution Upgrade to QuickTime...

libextractor buffer overflow

Heap memory overflow on ASF streams and QuickTime parsing...

Apple QuickTime MPEG-4 movie buffer overflow

Overview Apple QuickTime fails to properly handle MPEG-4 movie files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition. Description Apple's QuickTime Player is multimedia software that allows users to view local and...