CVE-2003-0055

CVE-2003-0055 refers to a buffer overflow in the MP3 Broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1. The overflow can be triggered by a filename longer than 256 bytes, potentially allowing a remote attacker to execute arbitrary code ...

CVE-2003-0052

CVE-2003-0052 applies to Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1, where parse_xml.cgi allows remote attackers to list arbitrary directories due to unvalidated input. Public sources (ATstake advisory, vendor notices) describe it as a directory-listin...

CVE-2004-0169

CVE-2004-0169 concerns QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2. The vulnerability arises when processing RTSP DESCRIBE requests with overly long User-Agent fields, triggering an Assert in BufferIsFull and potentially crashing the server. Multiple sources corroborate that remote at...

CVE-2002-0376

Technical details about CVE-2002-0376 are not publicly provided in the supplied documents. Monitor for updates for affected products, vulnerable components and fixes; no concrete exploit vectors or mitigations are described here.

CVE-2003-0050

parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters...

CVE-2003-0052

parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories...

QuickTime < 7.5 Multiple Vulnerabilities

Binary data 4537.prm...

QuickTime < 7.6.2 Multiple Vulnerabilities

Binary data 5042.prm...

CVE-2004-0431

Integer overflow in Apple QuickTime QuickTime.qts before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow...

CVE-2004-0431

Integer overflow in Apple QuickTime QuickTime.qts before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow...

CVE-2004-0431

CVE-2004-0431 concerns Apple QuickTime (QuickTime.qts) before 6.5.1. The vulnerability is an integer overflow in the Sample-to-Chunk table handling that can overflow a heap and enable arbitrary code execution when a user opens a malicious QuickTime file. Affected component is QuickTime.qts in Qui...

QuickTime < 6.5.1 .mov File sample-to-chunk Table Data Handling Overflow (Windows)

The remote host is using QuickTime, a popular media player/Plug-in that handles many Media files. This version has a Heap overflow that could allow an attacker to execute arbitrary code on this host, with the rights of the user running QuickTime. This script was written by Jeff Adams See the Ness...

Apple QuickTime contains an integer overflow in the "QuickTime.qts" extension

Overview Apple QuickTime contains an integer overflow vulnerability in the "QuickTime.qts" extension, which could result in arbitrary code execution. Description Apple's QuickTime Player is a player that allow users to view local and remote audio/video content. Other applications, such as web...

Apple QuickTime buffer overflow

Buffer overflow on parsing QuickTime format...

[Full-Disclosure] EEYE: Apple QuickTime &#40;QuickTime.qts&#41; Heap Overflow

Apple QuickTime QuickTime.qts Heap Overflow Release Date: May 02, 2004 Date Reported: February 18, 2004 Severity: High Code Execution Vendor: Apple Systems Affected: Apple QuickTime 6.5 Apple iTunes 4.2.0.72 Description: The Apple QuickTime media player is used for playing, interacting with or...

CVE-2004-0169

QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service crash via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function...

Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests

Overview Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests containing overly large User-Agent fields. This could allow an unauthenticated, remote attacker to cause a denial-of-service condition. Description Apple's QuickTime and Darwin Streaming Server is software...

QuickTime/Darwin Streaming Server multiple bugs

Multiple bugs including uncommented shell characters, buffer overflows, etc...

CVE-2003-1091

Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via malformed ID3 tags in MP3 files...

CVE-2003-1414

Directory traversal vulnerability in parsexml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... triple dot in the filename parameter...