Quicktime player/plug-in Heap overflow

The remote host is using QuickTime, a popular media player/Plug-in which handles many Media files. SPDX-FileCopyrightText: 2004 Jeff Adams Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Quicktime/Darwin 4.1.x Streaming Administration Server 'parse_xml.cgi' Multiple Vulnerabilities

QuickTime/Darwin streaming administration server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2005 Michael Scheidell Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2005-2743

The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code...

CVE-2005-2743

The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code...

CVE-2005-2743

CVE-2005-2743 affects Apple Mac OS X 10.3.9 and earlier where Java extensions for QuickTime (version 6.52 and earlier) allow untrusted applets to call arbitrary functions in system libraries, enabling remote code execution. The root cause is a flaw in the Java extensions integration with QuickTim...

[SA16920] Mac OS X Security Update Fixes Multiple Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

security flaw

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone...

CVE-2005-2267

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone...

CVE-2005-2267

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone...

CVE-2005-2267

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone...

[Full-disclosure] APPLE Darwin Streaming Server Web Admin Remote Denial of Serivce

APPLE Darwin Streaming Server Web Admin Remote Denial of Serivce By Sowhat 2005.07.13 http://secway.org/Advisory/AD20050713.txt Vendor Apple Inc. Product Affected Darwin Streaming Server 5.5 and below for Win32 CVE-ID: CAN-2005-2195 OverView: Darwin Streaming Server is server technology allowing...

Standalone applications can run arbitrary code through the browser — Mozilla

Several media players, for example Flash and QuickTime, support scripted content with the ability to open URLs in the default browser. The default behavior for Firefox was to replace the currently open browser window's content with the externally opened content. If the external URL was a...

Quicktime < 7.0.1 Quartz Composer Information Disclosure (Mac OS X)

The remote Mac OS X host is running a version of Quicktime 7 which is older than Quicktime 7.0.1. The remote version of this software is vulnerable to an information disclosure flaw when handling Quartz Composer files which may leak data to an arbitrary web location. To exploit this flaw, an...

CVE-2005-1579

Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition .qtz file that uses certain patches to read local information, then other patches to send the information to the attacker...

CVE-2005-1579

CVE-2005-1579 affects Apple QuickTime Player 7.0 on Mac OS X 10.4, enabling information disclosure via a specially crafted .mov containing a Quartz Composer (.qtz) file that uses patches to read local data and send it to an attacker. The vulnerability is described in multiple sources, with a work...

[DR018] Quartz Composer / QuickTime 7 information leakage

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The canonical URI of this advisory is http://remahl.se/david/vuln/ 018/. This advisory concerns an as-yet unpatched problem in QuickTime 7 on Mac OS X 10.4. The reason for disclosure before a vendor patch is that another person realized the potential...

Apple Quartz Composer / QuickTime 7 information leak

It's possible to determine system facilities...

Quicktime < 7.0.1 Web Plugin Information Disclosure

Binary data 2899.prm...

CVE-2005-1106

PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers to cause a denial of service application crash via a GIF image with the maximum depth start value, possibly triggering an integer overflow...

CVE-2005-0903

Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service application crash via a JPEG file with crafted Huffman Table marker DHT data...