QuickTime < 7.1 Multiple Vulnerabilities (Windows)

The remote Windows host is running a version of QuickTime prior to 7.1. The remote version of QuickTime is vulnerable to various integer and buffer overflows involving specially crafted image and media files. An attacker may be able to leverage these issues to execute arbitrary code on the remote...

Apple QuickTime FlashPix integer overflow

Overview Apple QuickTime fails to properly handle FlashPix images. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition. Description Apple's QuickTime Player is multimedia software that allows users to view local and remo...

QuickTime for Windows Detection

QuickTime is installed on the remote host. QuickTime is a popular media player / plug-in that handles various types of music and video files. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid21561; scriptversion"1.26";...

Apple QuickTime multiple security vulnerabilities

Buffer overflow on MOV files udta atom parsing. Buffer overflow on FPX files parsing. H.264 protocol parsing heap overflow...

US-CERT Technical Cyber Security Alert TA06-132B -- Apple QuickTime Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-132B Apple QuickTime Vulnerabilities Original release date: May 12, 2006 Last revised: -- Source: US-CERT Systems Affected Apple QuickTime on systems running Apple Mac OS X Microsoft...

Quicktime < 7.1 Multiple Vulnerabilities (Mac OS X)

The remote Mac OS X host is running a version of Quicktime prior to 7.1. The remote version of Quicktime is vulnerable to various integer and buffer overflows involving specially crafted image and media files. An attacker may be able to leverage these issues to execute arbitrary code on the remot...

Design/Logic Flaw

QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service crash and connection interruption via a QuickTime movie with a missing track, which triggers a null dereference...

Buffer overflow

Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging...

Heap overflow

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier...

CVE-2006-1456

Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging...

CVE-2006-2238

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier...

CVE-2006-1455

QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service crash and connection interruption via a QuickTime movie with a missing track, which triggers a null dereference...

CVE-2006-2238

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier...

CVE-2006-2238

CVE-2006-2238 describes a heap-based buffer overflow in Apple QuickTime before 7.1 triggered by a crafted BMP file that overflows in the ReadBMP function, allowing remote code execution. The vulnerability affects QuickTime’s BMP handling across multiple products; exploitation details and affected...

CVE-2006-1456

Technical details about CVE-2006-1456 are not publicly available in the provided connected documents; the materials primarily repeat the CVE description without additional specifics. Monitor for updates.

CVE-2006-1455

The CVE-2006-1455 issue affects Apple QuickTime Streaming Server on Mac OS X 10.3.9 and 10.4.6. The vulnerability allows remote attackers to cause a denial of service (crash and connection interruption) by processing a QuickTime movie with a missing track, which triggers a null dereference. Impac...

CVE-2006-1455

QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service crash and connection interruption via a QuickTime movie with a missing track, which triggers a null dereference...

CVE-2006-1456

Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging...

Stack overflow

Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information...

Heap overflow

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data...