CVE-2004-0825

QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service application deadlock via a certain sequence of operations...

Quicktime Multiple Integer Overflows (deprecated)

Binary data 2380.prm...

CVE-2004-0926

Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image...

CVE-2004-0926

CVE-2004-0926 : A heap-based buffer overflow in Apple QuickTime’s BMP image decoding on Mac OS X 10.2.8–10.3.5 may allow remote code execution. The vulnerability is tied to QuickTime’s BMP handling; no remediation/patch information is provided in the supplied documents, and exploitation status is...

CVE-2004-0988

CVE-2004-0988 affects Apple QuickTime prior to 6.5.2 on Windows. The issue is an integer overflow in QuickTime components that can trigger a large memory operation, leading to memory consumption and a potential denial of service. Multiple sources (NVD, Red Hat, CVE, CVE List) describe the same ro...

CVE-2004-0988

Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service memory consumption via certain inputs that cause a large memory operation...

High Risk Vulnerability in Quicktime for Windows

John Heasman of NGSSoftware has discovered a high risk vulnerability in Quicktime for Windows. Versions affected include: Quicktime 6.5.2 and earlier The flaw permits execution of arbitrary code from an HTML environment. The patch can be downloaded from...

AppleQuickTime code execution

No description provided...

Quicktime < 6.5.2

The remote Mac OS X host is running a version of Quicktime that is older than Quicktime 6.5.2. The remote version of this software reportedly fails to check bounds properly when decoding BMP images, leading to a heap overflow. If a remote attacker can trick a user into opening a maliciously craft...

Mac OS X Multiple Vulnerabilities (Security Update 2004-09-30)

The remote host is missing Security Update 2004-09-30. This security update contains a number of fixes for the following programs : - AFP Server - CUPS - NetInfoManager - postfix - QuickTime - ServerAdmin These programs have multiple vulnerabilities which may allow a remote attacker to execute...

CVE-2004-0825

QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service application deadlock via a certain sequence of operations...

CVE-2004-0825

CVE-2004-0825 affects Apple QuickTime Streaming Server used in Mac OS X Server versions 10.2.8, 10.3.4, and 10.3.5. The vulnerability allows a remote attacker to cause a denial-of-service (application deadlock) through a specific sequence of operations. The NVD entry provides a Network attack vec...

Apple QuickTime Streaming Server vulnerable to DoS

Overview There is a vulnerability in the Apple QuickTime Streaming Server that could allow a remote attacker to cause a denial-of-service condition. Description Apple's QuickTime Streaming Server provides an integrated distribution mechanism for various forms of digital content. There is a...

CVE-2003-0051

parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter...

CVE-2003-0053

Cross-site scripting XSS vulnerability in parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message...

CVE-2002-0376

Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field...

CVE-2003-0053

CVE-2003-0053 describes an XSS vulnerability in parse_xml.cgi used by Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1. An attacker can supply a crafted filename parameter, which is reflected in an error message, allowing arbitrary script execution in the vi...

CVE-2004-0169

QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service crash via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function...

CVE-2003-0054

CVE-2003-0054 affects Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1. The issue enables remote code execution when an unauthenticated request to port 7070 includes a script argument to the rtsp DESCRIBE method; the script is written to a log file and execu...

CVE-2003-0051

CVE-2003-0051 affects Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1, where parse_xml.cgi can reveal the server installation’s physical path via a NULL file parameter. The issue enables remote access to sensitive path information and is part of a set of re...