CVE-2006-1460

Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie .MOV, as demonstrated via a large size for a udta Atom...

CVE-2006-1463

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 M4V video format file with a certain modified size value...

CVE-2006-1464

Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime MPEG4 M4P video format file...

CVE-2006-1465

Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime AVI video format file...

CVE-2006-1463

Apple QuickTime before 7.1 is affected by a heap-based buffer overflow in the H.264 (M4V) parsing path. The vulnerability arises from a memory copy loop that trusts a user-supplied size value, enabling remote code execution when a malformed video file is opened or embedded. The issue is documente...

CVE-2006-1460

Apple QuickTime before 7.1 is affected by CVE-2006-1460 due to a heap buffer overflow in the udta Atom of MOV files. A crafted MOV containing an oversized udta Atom can trigger memory overwrite, leading to remote code execution under the user’s context. Affected products include QuickTime for Win...

CVE-2006-1459

CVE-2006-1459 refers to multiple integer overflows in Apple QuickTime before 7.1 that allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV). The vulnerability affects QuickTime on Mac OS X and Windows prior to 7.1; exploitation involves...

CVE-2006-1465

CVE-2006-1465 : Buffer overflow in Apple QuickTime before 7.1 allows remote code execution via a crafted QuickTime AVI file. Affected: QuickTime on Windows and Mac OS X prior to 7.1. Exploitation could occur by sending a malformed file and having it opened with QuickTime Player. Remediation, wher...

CVE-2006-1458

CVE-2006-1458 affects Apple QuickTime Player prior to 7.1. The vulnerability is an integer overflow in the JPEG handling path that could allow a remote attacker to execute arbitrary code by convincing a user to open a crafted JPEG image. Affected products include QuickTime on both Mac OS X and Wi...

CVE-2006-1454

CVE-2006-1454 affects Apple QuickTime before 7.1. It is a heap-based buffer overflow in QuickDraw PICT image format support, enabling remote code execution when a crafted image is opened. Remediation per sources: upgrade to QuickTime 7.1 (Mac/Windows).

CVE-2006-1464

CVE-2006-1464 is a buffer overflow in Apple QuickTime before 7.1 that enables a remote attacker to execute arbitrary code by supplying a crafted MPEG-4 (M4P) video file. The CERT entry corroborates that both Mac OS X and Windows QuickTime installations are affected, with the vulnerability trigger...

CVE-2006-1462

CVE-2006-1462 concerns multiple integer overflows in Apple QuickTime prior to 7.1 that allow remote code execution via crafted QuickTime H.264 (M4V) files. Affected platforms include QuickTime on Mac OS X and Windows versions before 7.1. The NVD entry reports a base score of 5.1 (Medium) with net...

CVE-2006-1461

Apple QuickTime before 7.1 is affected by multiple buffer overflows that can allow remote code execution via a crafted QuickTime SWF/file, across Windows and Mac OS X. The issues arise from various integer- and buffer-overflow vulnerabilities in QuickTime’s handling of image/media formats; exploi...

CVE-2006-1453

Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information...

CVE-2006-1453

CVE-2006-1453 affects Apple QuickTime before 7.1. It is a stack-based/buffer overflow in QuickDraw PICT image format support that lets remote attackers execute arbitrary code via a crafted image containing malformed font information. The connected documents specify that QuickTime 7.1 (Mac/Windows...

CVE-2006-1459

Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie .MOV...

CVE-2006-1462

Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 M4V video format file...

CVE-2006-1461

Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime Flash SWF file...

Quicktime < 7.1 on Mac OS X Multiple Vulnerabilities

Binary data 3616.prm...

Apple QuickTime udta ATOM Heap Overflow

Apple QuickTime udta ATOM Heap Overflow By Sowhat of Nevis Labs Date: 2006.05.12 http://www.nevisnetworks.com http://secway.org/advisory/AD20060512.txt Vendor: Apple Inc. Affected Versions: Apple QuickTime versions 7.1 Overview: We have discovered a critical vulnerability in Quicktime Player. The...