Lucene search
K
AppleQuicktime

246 matches found

CVE
CVE
added 2005/10/25 4:0 a.m.68 views

CVE-2005-2743

CVE-2005-2743 affects Apple Mac OS X 10.3.9 and earlier where Java extensions for QuickTime (version 6.52 and earlier) allow untrusted applets to call arbitrary functions in system libraries, enabling remote code execution. The root cause is a flaw in the Java extensions integration with QuickTim...

7.5CVSS7.2AI score0.04655EPSS
CVE
CVE
added 2007/09/24 12:0 a.m.68 views

CVE-2007-5045

CVE-2007-5045 describes an argument injection in Apple QuickTime 7.1.5 and earlier when used with Mozilla Firefox

9.3CVSS8.1AI score0.03451EPSS
CVE
CVE
added 2008/09/10 4:0 p.m.68 views

CVE-2008-3626

Apple QuickTime prior to 7.5.5 is affected by a memory-corruption vulnerability in CallComponentFunctionWithStorage when handling large entries in the STSZ atoms’ sample_size_table. A crafted movie file can allow remote attackers to execute arbitrary code or cause a denial of service. The issue a...

6.8CVSS7.5AI score0.04541EPSS
CVE
CVE
added 2009/01/21 8:0 p.m.68 views

CVE-2009-0007

Summary (CVE-2009-0007) : Apple QuickTime contains a heap-based buffer/memory corruption in the handling of JPEG atoms embedded in STSD atoms within QuickTime movie files. The flaw occurs due to lack of boundary checks when processing these JPEG atoms, allowing a remote attacker to cause a crash ...

9.3CVSS7.9AI score0.0772EPSS
CVE
CVE
added 2010/11/16 9:0 p.m.68 views

CVE-2010-3790

CVE-2010-3790 affects Apple QuickTime on Mac OS X, where a crafted QuickTime movie file can trigger a memory corruption/buffer overrun during parsing of a matrix structure in a PICT/RIFF context, allowing remote code execution or a crash. The flaw can be exploited by simply opening or viewing a m...

6.8CVSS7.9AI score0.04837EPSS
CVE
CVE
added 2015/08/16 11:0 p.m.68 views

CVE-2015-3790

Technical details specific to CVE-2015-3790 are not publicly available in the provided Connected documents. Available entries reference Malware in sbrugna for EUVD items but do not reveal affected products, versions, impact or remediation for this CVE. Monitor for updates.

6.8CVSS9.3AI score0.03635EPSS
CVE
CVE
added 2007/12/15 1:0 a.m.67 views

CVE-2007-4707

CVE-2007-4707 concerns Apple QuickTime before 7.3.1, where the Flash media handler contains multiple vulnerabilities that can be exploited by a crafted QuickTime movie to remotely execute arbitrary code. Affected product: QuickTime (Windows and Mac OS X) prior to 7.3.1; vulnerability class is des...

9.3CVSS7.5AI score0.04036EPSS
CVE
CVE
added 2009/09/10 9:0 p.m.67 views

CVE-2009-2798

CVE-2009-2798 describes a heap-based buffer overflow in Apple QuickTime before 7.6.4 triggered by parsing a crafted FlashPix (.fpx) file. The flaw occurs during handling of sector-related fields, where multiplication of two 32-bit values leads to an undersized heap allocation, allowing a remote a...

9.3CVSS7.7AI score0.05718EPSS
CVE
CVE
added 2013/05/24 10:0 a.m.67 views

CVE-2013-1019

CVE-2013-1019 is a vulnerability in Apple QuickTime’s handling of Sorenson-encoded movie data. According to the ZDI advisory (ZDI-13-118), processing a malformed Sorenson Video 3 mdat section in a QuickTime movie can enable remote code execution on vulnerable QuickTime implementations, with user ...

9.3CVSS7.7AI score0.05616EPSS
CVE
CVE
added 2015/08/16 11:0 p.m.67 views

CVE-2015-3789

QuickTime 7 in Apple OS X before 10.10.5 is vulnerable to memory-corruption via a crafted file, enabling remote arbitrary code execution or a denial-of-service (application crash). The vulnerability is addressed in Apple’s response with OS X 10.10.5 updates and related security bulletins (HT20503...

6.8CVSS9.3AI score0.0364EPSS
CVE
CVE
added 2007/11/29 1:0 a.m.66 views

CVE-2007-6166

CVE-2007-6166 is a stack-based buffer overflow in Apple QuickTime

9.3CVSS7.6AI score0.41916EPSS
CVE
CVE
added 2008/06/10 6:0 p.m.66 views

CVE-2008-1581

Apple QuickTime for Windows prior to 7.5 is affected by a heap-based buffer overflow in the PixData structure used when processing PICT images, allowing remote attackers to crash the player and potentially execute arbitrary code via crafted PICT content. Multiple sources corroborate a set of rela...

6.8CVSS7.8AI score0.04614EPSS
CVE
CVE
added 2008/09/10 4:0 p.m.66 views

CVE-2008-3614

Apple QuickTime for Windows before 7.5.5 is vulnerable to an integer overflow in PICT parsing, causing heap corruption that can enable remote code execution or an application crash when presented with a crafted PICT image. Affected product: QuickTime on Windows; root cause: heap corruption from P...

6.8CVSS7.1AI score0.04064EPSS
CVE
CVE
added 2009/09/10 9:0 p.m.66 views

CVE-2009-2203

The CVE-2009-2203 entry describes a buffer overflow in Apple QuickTime prior to 7.6.4 triggered by parsing MPEG-4 video files, which could allow remote code execution or cause a application crash/DoS. Apple released QuickTime 7.6.4 to address this issue (bounds checking improvements).

9.3CVSS7.7AI score0.05718EPSS
CVE
CVE
added 2010/11/16 9:0 p.m.66 views

CVE-2010-3791

CVE-2010-3791 affects Apple QuickTime on Mac OS X 10.6.x prior to 10.6.5. It is a buffer overflow in QuickTime’s handling of MPEG-encoded movie files, which could allow a remote attacker to cause an application crash or execute arbitrary code. The documented remediation is to apply Mac OS X 10.6....

6.8CVSS9.2AI score0.03363EPSS
CVE
CVE
added 2010/12/09 7:0 p.m.66 views

CVE-2010-3801

CVE-2010-3801 affects Apple QuickTime prior to 7.6.9. A crafted FlashPix file can cause memory corruption leading to remote code execution or a denial of service. The issue is addressed by QuickTime/Apple security updates; Apple cites QuickTime 7.6.9 as the fix for Mac OS X (and related Security ...

9.3CVSS6.8AI score0.04937EPSS
CVE
CVE
added 2014/02/27 1:0 a.m.66 views

CVE-2014-1251

Apple QuickTime (Windows) before 7.7.5 is affected by a buffer overflow in the parsing of the clef atom within movie files. The underlying issue is a malformed clef atom that can overflow an allocated buffer, enabling either remote code execution or application crash when a user opens a crafted f...

9.3CVSS7.8AI score0.04072EPSS
CVE
CVE
added 2015/07/03 1:0 a.m.66 views

CVE-2015-3664

CVE-2015-3664 affects Apple QuickTime’s QT Media Foundation. Vulnerable component: QuickTime before version 7.7.7. Issue: memory corruption/remote code execution when processing specially crafted files. The related CVE family (including 3665, 3669) share similar memory‑corruption vectors in Quick...

6.8CVSS7.5AI score0.02904EPSS
CVE
CVE
added 2015/08/25 1:0 a.m.66 views

CVE-2015-5786

Apple QuickTime before 7.7.8 is affected by CVE-2015-5786, where a crafted file can cause memory corruption, enabling remote code execution or a denial of service (application crash). This entry references multiple related CVEs (e.g., CVE-2015-5785) and confirms the vulnerability class as memory ...

6.8CVSS7.8AI score0.0321EPSS
CVE
CVE
added 2016/01/09 2:0 a.m.66 views

CVE-2015-7091

Technical details about CVE-2015-7091 are not publicly provided in the supplied documents; no affected versions, root cause, or fixes are disclosed. Monitor for updates.

6.8CVSS7.2AI score0.01408EPSS
CVE
CVE
added 2016/01/09 2:0 a.m.66 views

CVE-2015-7092

Apple QuickTime before 7.7.9 is vulnerable to remote code execution or denial of service via a crafted TXXX frame in an MP3 ID3 tag inside a movie file, caused by a heap-based buffer overflow in ID3/TXXX processing. No exploitation details or patches are provided in the documents. References: ZDI...

6.8CVSS7AI score0.01754EPSS
CVE
CVE
added 2004/10/28 4:0 a.m.65 views

CVE-2004-0921

CVE-2004-0921 affects AFP Server on Mac OS X 10.3.x–10.3.5. When a guest has an AFP volume mounted, they can terminate authenticated user mounts via modified SessionDestroy packets, enabling partial impact to confidentiality, integrity, and availability. Connected sources corroborate the affected...

7.5CVSS6.4AI score0.01082EPSS
CVE
CVE
added 2005/11/05 11:0 a.m.65 views

CVE-2005-2753

CVE-2005-2753 affects Apple QuickTime prior to 7.0.3. An integer overflow in parsing MOV files causes a sign-extension error in a Pascal-style string, enabling user-assisted or remote code execution when a crafted MOV is opened. Impact is remote code execution with the attacker’s code running wit...

5.1CVSS7.3AI score0.02139EPSS
CVE
CVE
added 2006/05/12 8:0 p.m.65 views

CVE-2006-1461

Apple QuickTime before 7.1 is affected by multiple buffer overflows that can allow remote code execution via a crafted QuickTime SWF/file, across Windows and Mac OS X. The issues arise from various integer- and buffer-overflow vulnerabilities in QuickTime’s handling of image/media formats; exploi...

5.1CVSS7.4AI score0.05204EPSS
CVE
CVE
added 2007/01/01 11:0 p.m.65 views

CVE-2007-0015

A buffer overflow in Apple QuickTime 7.1.3’s RTSP URL handling can allow remote code execution via a specially crafted long rtsp:// URI. The issue affects QuickTime’s RTSP URL handler (on affected QuickTime/macOS and Windows environments), enabling arbitrary code execution in the context of the l...

6.8CVSS7.3AI score0.48419EPSS
CVE
CVE
added 2007/03/05 10:0 p.m.65 views

CVE-2007-0718

CVE-2007-0718 describes a heap-based buffer overflow in Apple QuickTime prior to 7.1.5 when processing QTIF files. If a Video Sample Description contains a Color table ID of 0, QuickTime expects a color table post-description and performs a memory swap on memory that may not be part of the heap b...

5.8CVSS7.9AI score0.05964EPSS
CVE
CVE
added 2007/11/07 8:0 p.m.65 views

CVE-2007-3750

CVE-2007-3750 : Heap-based buffer overflow in Apple QuickTime prior to 7.3. The flaw occurs when parsing the Sample Table Sample Descriptor (STSD) atom in QuickTime movie files, allowing a remote attacker to execute arbitrary code. Exploitation described as requiring the user to open a crafted Qu...

9.3CVSS7.6AI score0.06344EPSS
CVE
CVE
added 2009/01/21 8:0 p.m.65 views

CVE-2009-0001

Apple QuickTime before 7.6 is vulnerable to a heap-based buffer overflow triggered by processing crafted RTSP URLs, potentially allowing remote code execution or application termination. Remediation: update to Apple QuickTime 7.6 or newer (per cited advisories).

9.3CVSS9.2AI score0.06803EPSS
CVE
CVE
added 2011/08/04 1:0 a.m.65 views

CVE-2011-0246

CVE-2011-0246 refers to a heap-based buffer overflow in Apple QuickTime on Windows prior to version 7.7, triggered by processing a crafted GIF file. The vulnerability can allow remote code execution or cause an application crash (DoS). The NVD entry confirms the GIF-based overflow as the vector, ...

9.3CVSS8AI score0.0418EPSS
CVE
CVE
added 2015/08/16 11:0 p.m.65 views

CVE-2015-5753

Technical details (affected products, vulnerable components, exploit scenarios, or patches) are not provided in the connected documents. The CVE entry description alone does not reveal concrete technical details. Monitor for updates from official sources.

6.8CVSS9.3AI score0.02907EPSS
CVE
CVE
added 2015/08/25 1:0 a.m.65 views

CVE-2015-5785

Apple QuickTime

6.8CVSS7.8AI score0.0281EPSS
CVE
CVE
added 2001/03/09 5:0 a.m.64 views

CVE-2001-0198

The CVE-2001-0198 issue affects the QuickTime Player plugin 4.1.2 (Japanese). The root cause is a buffer overflow caused by a long HREF parameter in an EMBED tag, allowing remote attackers to execute arbitrary commands. Public references describe a remote buffer overflow exploit via a crafted HTM...

7.6CVSS7.8AI score0.06397EPSS
CVE
CVE
added 2006/05/12 8:0 p.m.64 views

CVE-2006-1453

CVE-2006-1453 affects Apple QuickTime before 7.1. It is a stack-based/buffer overflow in QuickDraw PICT image format support that lets remote attackers execute arbitrary code via a crafted image containing malformed font information. The connected documents specify that QuickTime 7.1 (Mac/Windows...

5.1CVSS7.6AI score0.07131EPSS
CVE
CVE
added 2011/06/24 8:0 p.m.64 views

CVE-2011-0209

CVE-2011-0209 : An integer overflow in QuickTime’s handling of RIFF WAV files on Mac OS X before 10.6.8 can be exploited remotely to achieve arbitrary code execution or cause a denial of service (application crash) via a crafted WAV file. The issue is documented in the Apple advisory and is addre...

6.8CVSS6.2AI score0.02924EPSS
CVE
CVE
added 2011/08/04 1:0 a.m.64 views

CVE-2011-0250

CVE-2011-0250 is a vulnerability in Apple QuickTime where a heap-based buffer overflow occurs in the STSS atom handling of QuickTime movie files, allowing remote code execution or application crash. The ZDI advisory confirms the flaw can be exploited via remote interaction (the target visits a ma...

9.3CVSS8.7AI score0.05084EPSS
CVE
CVE
added 2017/04/24 7:0 p.m.64 views

CVE-2011-3428

CVE-2011-3428 concerns a buffer overflow in Apple QuickTime for Windows prior to version 7.7.1 . The vulnerability allows a remote attacker to execute arbitrary code on affected systems via the QuickTime player. The root cause is a buffer overflow in Windows builds of QuickTime, with the impact s...

9.8CVSS9.9AI score0.02025EPSS
CVE
CVE
added 2012/05/16 1:0 a.m.64 views

CVE-2012-0670

Apple QuickTime is affected by CVE-2012-0670 due to an integer overflow in the handling of the 'sean' atom in movie files, affecting QuickTime prior to 7.7.2. The vulnerability allows remote code execution or a crash when a crafted file is opened. According to ZDI, Apple issued an update (HT5261)...

9.3CVSS7.7AI score0.04944EPSS
CVE
CVE
added 2012/11/09 7:0 p.m.64 views

CVE-2012-3757

CVE-2012-3757 affects Apple QuickTime before 7.7.3. The root cause is memory corruption in the handling of PICT files, allowing remote code execution or a denial of service when a crafted PICT file is opened. Exploitation requires a user to open a malicious file; impact could be full user rights ...

9.3CVSS7.7AI score0.04802EPSS
CVE
CVE
added 2015/07/03 1:0 a.m.64 views

CVE-2015-3663

CVE-2015-3663 affects Apple QuickTime’s QT Media Foundation and is exploitable via a crafted file that can trigger memory corruption, potentially allowing remote code execution or a denial of service. Affected: QuickTime before 7.7.7 (on OS X prior to 10.10.4 and other products). Root cause is me...

6.8CVSS5.2AI score0.03119EPSS
CVE
CVE
added 2016/01/09 2:0 a.m.64 views

CVE-2015-7117

Technical details for CVE-2015-7117 are not publicly available in the provided documents. No information on affected product/version, root cause, or remediation is present here. Monitor for updates from official advisories; connected EUVD entries appear unrelated.

6.8CVSS7.1AI score0.01691EPSS
CVE
CVE
added 2003/04/01 5:0 a.m.63 views

CVE-2003-0168

CVE-2003-0168 describes a buffer overflow in Apple QuickTime Player for Windows (versions 5.x and 6.0) triggered by processing overly long QuickTime URLs, allowing remote arbitrary code execution. The issue affects the Windows QuickTime Player, not the Mac versions. Vendor guidance: upgrade to Qu...

7.5CVSS7.7AI score0.09281EPSS
CVE
CVE
added 2005/11/05 11:0 a.m.63 views

CVE-2005-2754

CVE-2005-2754 refers to an integer overflow in Apple QuickTime before 7.0.3 that can enable remote code execution when a crafted MOV file with “Improper movie attributes” is loaded. The issue is documented across multiple sources as affecting QuickTime on Mac OS X and Windows, with the overflow p...

5.1CVSS7.3AI score0.02139EPSS
CVE
CVE
added 2005/11/05 11:0 a.m.63 views

CVE-2005-2756

CVE-2005-2756 corresponds to a buffer overflow in Apple QuickTime PictureViewer that allows remote code execution when processing crafted PICT data. Affected: QuickTime before 7.0.3 (Mac and Windows). Root cause: lack of input validation during decompression of compressed PICT data, causing memor...

5.1CVSS7.2AI score0.04242EPSS
CVE
CVE
added 2006/01/11 6:0 p.m.63 views

CVE-2005-3713

Apple QuickTime before 7.0.4 is affected by a heap-based buffer overflow triggered by a crafted GIF image containing a Netscape Navigator Application Extension Block. The overflow modifies the heap in the Picture Modifier block and can allow remote attackers to execute arbitrary code. Vendors doc...

7.5CVSS7.6AI score0.08629EPSS
CVE
CVE
added 2008/09/10 4:0 p.m.63 views

CVE-2008-3628

Summary: CVE-2008-3628 affects Apple QuickTime for Windows prior to 7.5.5. The issue is an invalid pointer in QuickTime’s handling of PICT images, which can allow remote attackers to execute arbitrary code or cause a denial of service (application crash). Affected product/behavior: Apple QuickTim...

9.3CVSS7.5AI score0.03987EPSS
CVE
CVE
added 2009/06/02 6:0 p.m.63 views

CVE-2009-0951

CVE-2009-0951 is a heap-based overflow in Apple QuickTime

9.3CVSS7.9AI score0.06545EPSS
CVE
CVE
added 2010/03/31 6:0 p.m.63 views

CVE-2010-0529

Apple QuickTime (Windows) is affected by a heap-based buffer overflow in QuickTime.qts when parsing a PICT image using the BkPixPat opcode (0x12). The flaw exists in Apple QuickTime before version 7.6.6, and can allow remote code execution or a denial of service via crafted images. Exploitation r...

9.3CVSS8.1AI score0.12199EPSS
CVE
CVE
added 2011/03/23 1:0 a.m.63 views

CVE-2011-0186

CVE-2011-0186 affects Apple QuickTime on Mac OS X, where memory corruption in JPEG2000 handling could allow remote arbitrary code execution or a crash. The issue is tied to QuickTime’s JPEG2000 processing and is listed with a base score of 4.3 (Medium). Public docs indicate that Apple addressed r...

4.3CVSS6.8AI score0.02606EPSS
CVE
CVE
added 2011/08/04 1:0 a.m.63 views

CVE-2011-0252

CVE-2011-0252 is a QuickTime vulnerability where a heap-based buffer overflow can be triggered by crafted STTS atoms in QuickTime movie files, allowing remote code execution. The issue arises from handling of invalid Time-To-Sample values, which can overflow a heap counter and compromise the proc...

9.3CVSS8.7AI score0.05084EPSS
CVE
CVE
added 2011/08/15 9:0 p.m.63 views

CVE-2011-0256

Apple QuickTime contains an integer overflow in the handling of the TRUN atom (sampleCount) that can be triggered by crafted track run atoms in QuickTime movie files, impacting QuickTime before version 7.7. Exploitation could allow remote code execution or a denial of service (application crash) ...

9.3CVSS7.8AI score0.03682EPSS
Total number of security vulnerabilities246