Lucene search
K
AppleQuicktime

246 matches found

CVE
CVE
added 2007/12/04 6:0 p.m.59 views

CVE-2007-6238

Technical details for CVE-2007-6238 are not publicly provided in the provided documents; the Initial Description is vague. Monitor for updates.

10CVSS7AI score0.03946EPSS
CVE
CVE
added 2010/03/31 6:0 p.m.59 views

CVE-2010-0527

CVE-2010-0527 affects Apple QuickTime on Windows prior to 7.6.6. The issue is an integer overflow in QuickTime’s handling of PICT images, which could allow remote code execution or a denial of service (application crash) when a crafted PICT image is processed. Multiple connected sources corrobora...

9.3CVSS7.8AI score0.03822EPSS
CVE
CVE
added 2010/12/09 7:0 p.m.59 views

CVE-2010-1508

CVE-2010-1508 describes a heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows, triggered by parsing Track Header (tkhd) atoms and potentially allowing arbitrary code execution or a crash. OpenVAS notes the issue affects Windows QuickTime and does not affect Mac OS X. Secunia’s a...

9.3CVSS8.1AI score0.05539EPSS
CVE
CVE
added 2010/12/09 7:0 p.m.59 views

CVE-2010-3802

CVE-2010-3802 affects Apple QuickTime prior to 7.6.9. It is a memory-corruption/remote-code-execution risk caused by a signedness error in handling a crafted panorama atom in a QuickTime VR (QTVR) movie. Exploitation could lead to arbitrary code execution or an application crash. Remediation indi...

9.3CVSS6.7AI score0.04937EPSS
CVE
CVE
added 2014/07/26 10:0 a.m.59 views

CVE-2014-4979

Apple QuickTime for Windows is affected by CVE-2014-4979 due to memory corruption in the mvhd atom when handling malformed version numbers and flags, potentially enabling arbitrary code execution or a crash. The issue is addressed in QuickTime 7.7.6, per the Apple security content; updating to th...

9.3CVSS7.6AI score0.03587EPSS
CVE
CVE
added 2016/01/09 2:0 a.m.59 views

CVE-2015-7086

Technical details for CVE-2015-7086 are not publicly provided in the connected documents. The initial description mentions QuickTime before 7.7.9 vulnerable to remote code execution via crafted movie files. No additional vendor/version specifics are available here; monitor for updates.

6.8CVSS7.1AI score0.01348EPSS
CVE
CVE
added 2005/05/14 4:0 a.m.58 views

CVE-2005-1579

CVE-2005-1579 affects Apple QuickTime Player 7.0 on Mac OS X 10.4, enabling information disclosure via a specially crafted .mov containing a Quartz Composer (.qtz) file that uses patches to read local data and send it to an attacker. The vulnerability is described in multiple sources, with a work...

5CVSS5.4AI score0.02035EPSS
CVE
CVE
added 2006/05/12 8:0 p.m.58 views

CVE-2006-1460

Apple QuickTime before 7.1 is affected by CVE-2006-1460 due to a heap buffer overflow in the udta Atom of MOV files. A crafted MOV containing an oversized udta Atom can trigger memory overwrite, leading to remote code execution under the user’s context. Affected products include QuickTime for Win...

5.1CVSS7.3AI score0.05586EPSS
CVE
CVE
added 2007/03/05 10:0 p.m.58 views

CVE-2007-0715

CVE-2007-0715: A heap-based buffer overflow in Apple QuickTime prior to 7.1.5 affects processing of PICT files. This allows remote user-assisted attackers to crash QuickTime and potentially execute arbitrary code. Affected product: Apple QuickTime (on macOS/Windows). Root cause: heap corruption t...

5.8CVSS7.6AI score0.06087EPSS
CVE
CVE
added 2008/02/14 11:0 a.m.58 views

CVE-2008-0778

Multiple stack-based buffer overflows exist in the QTPlugin.ocx ActiveX control of Apple QuickTime 7.4.1 and earlier. The vulnerability affects the QTPlugin.ocx component and is triggered by long arguments to the SetBgColor, SetHREF, SetMovieName, SetTarget, and SetMatrix methods, allowing remote...

7.5CVSS7.7AI score0.09214EPSS
CVE
CVE
added 2008/04/04 5:0 p.m.58 views

CVE-2008-1013

CVE-2008-1013 affects Apple QuickTime before version 7.4.5. The vulnerability arises from deserialization of QTJava objects by untrusted Java applets, enabling remote attackers to execute arbitrary code via a crafted applet. Impact is remote code execution with the attacker’s code running under t...

6.8CVSS7.3AI score0.04134EPSS
CVE
CVE
added 2008/04/04 5:0 p.m.58 views

CVE-2008-1017

CVE-2008-1017 describes a heap‑based buffer overflow in the crgn atom parsing (quicktime.qts) of Apple QuickTime before 7.4.5. A crafted movie can cause arbitrary code execution in the user’s context. Affected product: Apple QuickTime (Windows/macOS)

6.8CVSS7.5AI score0.07163EPSS
CVE
CVE
added 2008/04/04 5:0 p.m.58 views

CVE-2008-1021

Apple QuickTime contains a heap-based buffer overflow in the Animation codec content handling that can allow remote code execution via a crafted QuickTime movie using Run Length Encoding. Affected product: Apple QuickTime Player prior to 7.4.5 (Windows). Evidence across sources confirms the vulne...

6.8CVSS7.6AI score0.06947EPSS
CVE
CVE
added 2012/11/09 7:0 p.m.58 views

CVE-2012-3758

CVE-2012-3758 affects Apple QuickTime before 7.7.3. A buffer overflow in handling the transform attribute of text3GTrack TeXML files can allow remote code execution or cause an application crash (DoS). Public references confirm vulnerability details and mention upgrading to QuickTime 7.7.3 as rem...

9.3CVSS7.8AI score0.04954EPSS
CVE
CVE
added 2013/05/24 10:0 a.m.58 views

CVE-2013-1021

Apple QuickTime vulnerability CVE-2013-1021 is a buffer overflow in QuickTime before 7.7.4 triggered by crafted JPEG data in a movie file. This can allow remote code execution or a denial of service (application crash). Exploitation requires opening a malicious file or streaming data containing t...

9.3CVSS7.8AI score0.04014EPSS
CVE
CVE
added 2004/05/06 4:0 a.m.57 views

CVE-2004-0431

CVE-2004-0431 concerns Apple QuickTime (QuickTime.qts) before 6.5.1. The vulnerability is an integer overflow in the Sample-to-Chunk table handling that can overflow a heap and enable arbitrary code execution when a user opens a malicious QuickTime file. Affected component is QuickTime.qts in Qui...

5.1CVSS7.4AI score0.03243EPSS
CVE
CVE
added 2006/01/11 6:0 p.m.57 views

CVE-2005-3707

Apple QuickTime before 7.0.4 contains a buffer overflow in the handling of TGA image files (CVE-2005-3707). A crafted TGA image could allow a remote attacker to execute arbitrary code on vulnerable systems running QuickTime, with the impact described as remote code execution. The issue is tied to...

7.5CVSS7.5AI score0.07958EPSS
CVE
CVE
added 2006/05/12 8:0 p.m.57 views

CVE-2006-1454

CVE-2006-1454 affects Apple QuickTime before 7.1. It is a heap-based buffer overflow in QuickDraw PICT image format support, enabling remote code execution when a crafted image is opened. Remediation per sources: upgrade to QuickTime 7.1 (Mac/Windows).

5.1CVSS7.6AI score0.07189EPSS
CVE
CVE
added 2006/05/12 8:0 p.m.57 views

CVE-2006-1465

CVE-2006-1465 : Buffer overflow in Apple QuickTime before 7.1 allows remote code execution via a crafted QuickTime AVI file. Affected: QuickTime on Windows and Mac OS X prior to 7.1. Exploitation could occur by sending a malformed file and having it opened with QuickTime Player. Remediation, wher...

5.1CVSS7.4AI score0.05204EPSS
CVE
CVE
added 2007/03/05 10:0 p.m.57 views

CVE-2007-0717

Apple QuickTime before 7.1.5 is affected by an integer overflow in handling QTIF files. A remote attacker could exploit a crafted QTIF to crash the QuickTime player or potentially execute arbitrary code, with impact on both macOS and Windows installations. Apple has addressed this issue in QuickT...

5.8CVSS7.5AI score0.05366EPSS
CVE
CVE
added 2007/07/15 9:0 p.m.57 views

CVE-2007-2402

CVE-2007-2402 affects QuickTime for Java in Apple QuickTime prior to 7.2. The vulnerability is a failure to perform sufficient access control, enabling remote attackers to obtain sensitive information (screen content) via crafted Java applets. The primary sources describe the issue as a design/lo...

4.3CVSS5.5AI score0.02843EPSS
CVE
CVE
added 2008/01/16 2:0 a.m.57 views

CVE-2008-0032

Apple QuickTime before 7.4 is affected by CVE-2008-0032 due to a heap corruption vulnerability in processing Macintosh Resources embedded in QuickTime movie files. The issue arises from a modified length value in the resource header of a Macintosh Resource record, enabling remote attackers to tri...

5.8CVSS7.2AI score0.03813EPSS
CVE
CVE
added 2008/12/09 11:0 a.m.57 views

CVE-2008-5406

Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 are affected by a stack-based buffer overflow in MOV parsing (described as an off-by-one overflow). This vulnerability can cause a denial of service and may allow arbitrary code execution, as noted in the CVE-2008-5406 description. OpenVAS entries ...

9.3CVSS7.8AI score0.09734EPSS
CVE
CVE
added 2009/01/21 8:0 p.m.57 views

CVE-2009-0006

Apple QuickTime before 7.6 is affected by CVE-2009-0006, a Cinepak MDAT heap overflow due to a signedness error . This allows remote code execution or a denial of service when parsing Cinepak-encoded movie files with a crafted MDAT atom. Exploitation details across sources indicate the issue can ...

9.3CVSS7.7AI score0.08199EPSS
CVE
CVE
added 2009/06/02 6:0 p.m.57 views

CVE-2009-0185

Apple QuickTime before 7.6.2 is affected by a heap-based buffer overflow in processing MS ADPCM encoded audio data within AVI files, enabling potential remote code execution or crash (DoS). Public docs list CVE-2009-0185 among a set of related QuickTime vulnerabilities; remediation is to update t...

9.3CVSS8AI score0.05842EPSS
CVE
CVE
added 2010/12/09 7:0 p.m.57 views

CVE-2010-0530

Summary: CVE-2010-0530 affects Apple QuickTime on Windows up to version 7.6.9. A filesystem permissions issue in the user profile’s Apple Computer directory allows a local user to read sensitive files. Affected software (from sources): QuickTime on Windows before 7.6.9. Root cause (as stated): We...

2.1CVSS5.1AI score0.00351EPSS
CVE
CVE
added 2013/12/27 1:0 a.m.57 views

CVE-2010-1819

CVE-2010-1819 relates to Apple QuickTime Picture Viewer prior to version 7.6.8. The vulnerability is an untrusted search path (DLL hijacking) issue where a Trojan horse placed alongside a .pic image can cause the Picture Viewer to load one of three libraries (CoreVideo.dll, CoreGraphics.dll, Core...

9.3CVSS7.3AI score0.04704EPSS
CVE
CVE
added 2010/11/16 9:0 p.m.57 views

CVE-2010-3793

CVE-2010-3793 affects Apple QuickTime on Mac OS X (10.6.x). A memory corruption flaw in handling Sorenson-encoded movie files could allow a remote attacker to cause arbitrary code execution or an application crash. The issue is addressed in Mac OS X 10.6.5; systems prior to 10.6.5 are vulnerable....

6.8CVSS9.2AI score0.029EPSS
CVE
CVE
added 2011/06/24 8:0 p.m.57 views

CVE-2011-0210

CVE-2011-0210 affects QuickTime in Mac OS X prior to 10.6.8. The issue is an integer overflow in QuickTime’s handling of audio channels in movie files, which may lead to arbitrary code execution or a crash. The vulnerability is mitigated for Mac OS X by the 10.6.8 update (and related QuickTime up...

6.8CVSS6.3AI score0.02895EPSS
CVE
CVE
added 2011/08/04 1:0 a.m.57 views

CVE-2011-0249

Apple QuickTime (before 7.7) is affected by a heap-based buffer overflow in the STSC atom handling in QuickTime movie files, allowing remote code execution or a denial of service. The CVE-2011-0249 flaw is triggered when a crafted STSC atom causes memory corruption during parsing, as documented b...

9.3CVSS8.7AI score0.05084EPSS
CVE
CVE
added 2013/05/24 10:0 a.m.57 views

CVE-2013-0988

CVE-2013-0988 is a QuickTime FPX parsing vulnerability: a buffer overflow in handling FPX files could allow remote code execution (or application crash). The vulnerability is exploitable via a crafted FPX file, with attack vector over a network and no authentication, and is reflected in a high-se...

9.3CVSS7.7AI score0.04954EPSS
CVE
CVE
added 2013/05/24 10:0 a.m.57 views

CVE-2013-0989

CVE-2013-0989 : A buffer overflow in Apple QuickTime prior to 7.7.4 can be triggered by a crafted MP3 file, allowing remote attackers to execute arbitrary code or cause a denial of service (application crash). Public references in the providedOpenVAS/Nessus data confirm QuickTime as the vulnerabl...

9.3CVSS7.7AI score0.04954EPSS
CVE
CVE
added 2006/03/19 1:0 a.m.56 views

CVE-2006-1249

CVE-2006-1249 describes an integer overflow in Apple QuickTime FPX image handling that can enable remote code execution. The vulnerability affects QuickTime Player versions 7.0.3/7.0.4 and related components (e.g., iTunes 6.x) due to a FPX field that specifies a large number of blocks, triggering...

6.8CVSS7.5AI score0.06EPSS
CVE
CVE
added 2006/09/12 11:0 p.m.56 views

CVE-2006-4382

CVE-2006-4382 affects Apple QuickTime prior to 7.1.3 (Mac OS X and Windows). Multiple vulnerabilities in QuickTime formats (MOV, FLC, SGI, H.264, FPX) include buffer/heap/integer overflows that could enable remote code execution when a user opens a crafted file. The advisories consistently state ...

5.1CVSS7.2AI score0.06636EPSS
CVE
CVE
added 2008/06/10 6:0 p.m.56 views

CVE-2008-1585

CVE-2008-1585 concerns Apple QuickTime

6.8CVSS6.9AI score0.04115EPSS
CVE
CVE
added 2013/05/24 10:0 a.m.56 views

CVE-2013-1018

Apple QuickTime CVE-2013-1018 is a buffer overflow in parsing of H.264-encoded movie data that could allow remote code execution or crash. It is documented as affecting QuickTime prior to 7.7.4; multiple advisories and scanners list this CVE among others related to QuickTime vulnerabilities. Reme...

9.3CVSS7.8AI score0.04954EPSS
CVE
CVE
added 2004/10/28 4:0 a.m.55 views

CVE-2004-0922

CVE-2004-0922 (Mac OS X AFP Server) affects AFP Server on Mac OS X 10.3.x through 10.3.5. The underlying issue is that the guest group ID is not properly set, which causes a write-only AFP Drop Box on a guest-mounted share to become read-write, allowing a guest to read the Drop Box. The connected...

5CVSS6.3AI score0.0097EPSS
CVE
CVE
added 2007/03/05 10:0 p.m.55 views

CVE-2007-0714

Apple QuickTime UDTA atom integer overflow vulnerability (CVE-2007-0714) exists in parsing of UDTA data in QuickTime files. A crafted MOV file can trigger an integer overflow, leading to a heap overflow and potential remote code execution under the user’s context. Affected products are QuickTime ...

9.3CVSS7.5AI score0.08167EPSS
CVE
CVE
added 2007/04/26 8:0 p.m.55 views

CVE-2007-2295

CVE-2007-2295 describes a heap-based buffer overflow in the QuickTime component JVTCompEncodeFrame used when processing malformed H.264 MOV files. Affected product: Apple QuickTime 7.1.5 and earlier versions up to 7.2. The underlying issue is insufficient bounds checking, which allows remote atta...

9.3CVSS7.6AI score0.06512EPSS
CVE
CVE
added 2007/04/26 8:0 p.m.55 views

CVE-2007-2296

CVE-2007-2296: Apple QuickTime contains an integer overflow in the FlipFileTypeAtom_BtoN function used when parsing M4V/MP4 files, allowing remote code execution. Affected: QuickTime 7.1.5 and earlier; prior reports indicate impact for versions before 7.2. The connected documents confirm the root...

9.3CVSS7.4AI score0.05531EPSS
CVE
CVE
added 2007/07/15 9:0 p.m.55 views

CVE-2007-2394

Apple QuickTime (Mac OS X) before 7.2 on 10.3.9/10.4.9 is affected by an integer overflow in SMIL parsing, specifically in title/author fields, due to improper memory allocation calculations. This can allow user‑assisted remote code execution when a user opens a crafted SMIL file or visits a craf...

9.3CVSS7.5AI score0.12136EPSS
Web
CVE
CVE
added 2007/11/07 8:0 p.m.55 views

CVE-2007-2395

Apple QuickTime before 7.3 contains a memory corruption vulnerability in handling image description atoms within movie files, allowing a remote attacker to execute arbitrary code. The CERT/NVD entries confirm a buffer/memory-related issue that can be triggered by a specially crafted QuickTime mov...

9.3CVSS7.2AI score0.07258EPSS
CVE
CVE
added 2007/11/27 8:0 p.m.55 views

CVE-2007-4674

CVE-2007-4674 concerns Apple QuickTime 7.2. The vulnerability arises in parsing a movie atom with a large size value, triggering a stack-based buffer overflow in QuickTime’s parser. This allows remote code execution when a user opens a crafted movie file (or visits a malicious page). According to...

6.8CVSS7.2AI score0.03738EPSS
CVE
CVE
added 2008/09/10 4:0 p.m.55 views

CVE-2008-3615

CVE-2008-3615 affects Apple QuickTime on Windows due to an uninitialized memory access in the third‑party Indeo v5 codec (ir50_32.qtx). A crafted movie file can trigger remote code execution or cause a denial of service (crash). The issue is mitigated by updating to QuickTime 7.5.5 or later (as r...

9.3CVSS7.5AI score0.03987EPSS
CVE
CVE
added 2008/09/10 4:0 p.m.55 views

CVE-2008-3627

Apple QuickTime before 7.5.5 is affected by CVE-2008-3627 due to malformed MDAT atoms in MP4 (QuickTimeH264.qtx) and in mov files (QuickTimeH264.scalar), plus AVC1 atoms in an unknown type. Exploitation via a crafted H.264 movie could lead to arbitrary code execution or a denial of service (heap ...

9.3CVSS7.6AI score0.08618EPSS
CVE
CVE
added 2008/09/17 6:6 p.m.55 views

CVE-2008-4116

CVE-2008-4116 concerns Apple QuickTime 7.5.5 and iTunes 8.0. The vulnerability is a heap-based buffer overflow triggered by a long type attribute in a QuickTime tag (on a web page or embedded in .mp4/.mov), related to an off-by-one error and potentially associated with Check_stack_cookie. Consequ...

9.3CVSS8.2AI score0.11621EPSS
CVE
CVE
added 2009/06/02 6:0 p.m.55 views

CVE-2009-0954

Apple QuickTime for Windows is affected by CVE-2009-0954 due to a heap-based buffer overflow when parsing Clipping Region (CRGN) atoms in QuickTime movie files. The issue allows remote code execution or denial of service via a crafted movie file, with the root cause being improper bounds checks d...

9.3CVSS8AI score0.05691EPSS
CVE
CVE
added 2009/06/02 6:0 p.m.55 views

CVE-2009-0957

CVE-2009-0957 describes a heap-based buffer overflow in Apple QuickTime prior to 7.6.2, triggered during parsing of JP2 images. The flaw can allow remote attackers to execute arbitrary code or cause an application crash, potentially leading to denial of service. Affected product: Apple QuickTime

9.3CVSS8AI score0.05691EPSS
CVE
CVE
added 2010/03/31 6:0 p.m.55 views

CVE-2010-0536

CVE-2010-0536 affects Apple QuickTime on Windows, where handling of a crafted BMP image can lead to memory corruption, enabling remote code execution or a denial of service (application crash). Affected product/component: Apple QuickTime prior to 7.6.6 on Windows. Root cause: improper BMP handlin...

9.3CVSS7.9AI score0.03744EPSS
CVE
CVE
added 2011/08/04 1:0 a.m.55 views

CVE-2011-0245

Apple QuickTime prior to version 7.7 is affected by a buffer overflow in the handling of pict files, allowing remote code execution or denial of service. Affected component: QuickTime (Windows/Mac). Root cause: buffer overflow when parsing pict data. Impact: arbitrary code execution or applicatio...

9.3CVSS7.8AI score0.0418EPSS
Total number of security vulnerabilities246