246 matches found
CVE-2007-6238
Technical details for CVE-2007-6238 are not publicly provided in the provided documents; the Initial Description is vague. Monitor for updates.
CVE-2010-0527
CVE-2010-0527 affects Apple QuickTime on Windows prior to 7.6.6. The issue is an integer overflow in QuickTime’s handling of PICT images, which could allow remote code execution or a denial of service (application crash) when a crafted PICT image is processed. Multiple connected sources corrobora...
CVE-2010-1508
CVE-2010-1508 describes a heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows, triggered by parsing Track Header (tkhd) atoms and potentially allowing arbitrary code execution or a crash. OpenVAS notes the issue affects Windows QuickTime and does not affect Mac OS X. Secunia’s a...
CVE-2010-3802
CVE-2010-3802 affects Apple QuickTime prior to 7.6.9. It is a memory-corruption/remote-code-execution risk caused by a signedness error in handling a crafted panorama atom in a QuickTime VR (QTVR) movie. Exploitation could lead to arbitrary code execution or an application crash. Remediation indi...
CVE-2014-4979
Apple QuickTime for Windows is affected by CVE-2014-4979 due to memory corruption in the mvhd atom when handling malformed version numbers and flags, potentially enabling arbitrary code execution or a crash. The issue is addressed in QuickTime 7.7.6, per the Apple security content; updating to th...
CVE-2015-7086
Technical details for CVE-2015-7086 are not publicly provided in the connected documents. The initial description mentions QuickTime before 7.7.9 vulnerable to remote code execution via crafted movie files. No additional vendor/version specifics are available here; monitor for updates.
CVE-2005-1579
CVE-2005-1579 affects Apple QuickTime Player 7.0 on Mac OS X 10.4, enabling information disclosure via a specially crafted .mov containing a Quartz Composer (.qtz) file that uses patches to read local data and send it to an attacker. The vulnerability is described in multiple sources, with a work...
CVE-2006-1460
Apple QuickTime before 7.1 is affected by CVE-2006-1460 due to a heap buffer overflow in the udta Atom of MOV files. A crafted MOV containing an oversized udta Atom can trigger memory overwrite, leading to remote code execution under the user’s context. Affected products include QuickTime for Win...
CVE-2007-0715
CVE-2007-0715: A heap-based buffer overflow in Apple QuickTime prior to 7.1.5 affects processing of PICT files. This allows remote user-assisted attackers to crash QuickTime and potentially execute arbitrary code. Affected product: Apple QuickTime (on macOS/Windows). Root cause: heap corruption t...
CVE-2008-0778
Multiple stack-based buffer overflows exist in the QTPlugin.ocx ActiveX control of Apple QuickTime 7.4.1 and earlier. The vulnerability affects the QTPlugin.ocx component and is triggered by long arguments to the SetBgColor, SetHREF, SetMovieName, SetTarget, and SetMatrix methods, allowing remote...
CVE-2008-1013
CVE-2008-1013 affects Apple QuickTime before version 7.4.5. The vulnerability arises from deserialization of QTJava objects by untrusted Java applets, enabling remote attackers to execute arbitrary code via a crafted applet. Impact is remote code execution with the attacker’s code running under t...
CVE-2008-1017
CVE-2008-1017 describes a heap‑based buffer overflow in the crgn atom parsing (quicktime.qts) of Apple QuickTime before 7.4.5. A crafted movie can cause arbitrary code execution in the user’s context. Affected product: Apple QuickTime (Windows/macOS)
CVE-2008-1021
Apple QuickTime contains a heap-based buffer overflow in the Animation codec content handling that can allow remote code execution via a crafted QuickTime movie using Run Length Encoding. Affected product: Apple QuickTime Player prior to 7.4.5 (Windows). Evidence across sources confirms the vulne...
CVE-2012-3758
CVE-2012-3758 affects Apple QuickTime before 7.7.3. A buffer overflow in handling the transform attribute of text3GTrack TeXML files can allow remote code execution or cause an application crash (DoS). Public references confirm vulnerability details and mention upgrading to QuickTime 7.7.3 as rem...
CVE-2013-1021
Apple QuickTime vulnerability CVE-2013-1021 is a buffer overflow in QuickTime before 7.7.4 triggered by crafted JPEG data in a movie file. This can allow remote code execution or a denial of service (application crash). Exploitation requires opening a malicious file or streaming data containing t...
CVE-2004-0431
CVE-2004-0431 concerns Apple QuickTime (QuickTime.qts) before 6.5.1. The vulnerability is an integer overflow in the Sample-to-Chunk table handling that can overflow a heap and enable arbitrary code execution when a user opens a malicious QuickTime file. Affected component is QuickTime.qts in Qui...
CVE-2005-3707
Apple QuickTime before 7.0.4 contains a buffer overflow in the handling of TGA image files (CVE-2005-3707). A crafted TGA image could allow a remote attacker to execute arbitrary code on vulnerable systems running QuickTime, with the impact described as remote code execution. The issue is tied to...
CVE-2006-1454
CVE-2006-1454 affects Apple QuickTime before 7.1. It is a heap-based buffer overflow in QuickDraw PICT image format support, enabling remote code execution when a crafted image is opened. Remediation per sources: upgrade to QuickTime 7.1 (Mac/Windows).
CVE-2006-1465
CVE-2006-1465 : Buffer overflow in Apple QuickTime before 7.1 allows remote code execution via a crafted QuickTime AVI file. Affected: QuickTime on Windows and Mac OS X prior to 7.1. Exploitation could occur by sending a malformed file and having it opened with QuickTime Player. Remediation, wher...
CVE-2007-0717
Apple QuickTime before 7.1.5 is affected by an integer overflow in handling QTIF files. A remote attacker could exploit a crafted QTIF to crash the QuickTime player or potentially execute arbitrary code, with impact on both macOS and Windows installations. Apple has addressed this issue in QuickT...
CVE-2007-2402
CVE-2007-2402 affects QuickTime for Java in Apple QuickTime prior to 7.2. The vulnerability is a failure to perform sufficient access control, enabling remote attackers to obtain sensitive information (screen content) via crafted Java applets. The primary sources describe the issue as a design/lo...
CVE-2008-0032
Apple QuickTime before 7.4 is affected by CVE-2008-0032 due to a heap corruption vulnerability in processing Macintosh Resources embedded in QuickTime movie files. The issue arises from a modified length value in the resource header of a Macintosh Resource record, enabling remote attackers to tri...
CVE-2008-5406
Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 are affected by a stack-based buffer overflow in MOV parsing (described as an off-by-one overflow). This vulnerability can cause a denial of service and may allow arbitrary code execution, as noted in the CVE-2008-5406 description. OpenVAS entries ...
CVE-2009-0006
Apple QuickTime before 7.6 is affected by CVE-2009-0006, a Cinepak MDAT heap overflow due to a signedness error . This allows remote code execution or a denial of service when parsing Cinepak-encoded movie files with a crafted MDAT atom. Exploitation details across sources indicate the issue can ...
CVE-2009-0185
Apple QuickTime before 7.6.2 is affected by a heap-based buffer overflow in processing MS ADPCM encoded audio data within AVI files, enabling potential remote code execution or crash (DoS). Public docs list CVE-2009-0185 among a set of related QuickTime vulnerabilities; remediation is to update t...
CVE-2010-0530
Summary: CVE-2010-0530 affects Apple QuickTime on Windows up to version 7.6.9. A filesystem permissions issue in the user profile’s Apple Computer directory allows a local user to read sensitive files. Affected software (from sources): QuickTime on Windows before 7.6.9. Root cause (as stated): We...
CVE-2010-1819
CVE-2010-1819 relates to Apple QuickTime Picture Viewer prior to version 7.6.8. The vulnerability is an untrusted search path (DLL hijacking) issue where a Trojan horse placed alongside a .pic image can cause the Picture Viewer to load one of three libraries (CoreVideo.dll, CoreGraphics.dll, Core...
CVE-2010-3793
CVE-2010-3793 affects Apple QuickTime on Mac OS X (10.6.x). A memory corruption flaw in handling Sorenson-encoded movie files could allow a remote attacker to cause arbitrary code execution or an application crash. The issue is addressed in Mac OS X 10.6.5; systems prior to 10.6.5 are vulnerable....
CVE-2011-0210
CVE-2011-0210 affects QuickTime in Mac OS X prior to 10.6.8. The issue is an integer overflow in QuickTime’s handling of audio channels in movie files, which may lead to arbitrary code execution or a crash. The vulnerability is mitigated for Mac OS X by the 10.6.8 update (and related QuickTime up...
CVE-2011-0249
Apple QuickTime (before 7.7) is affected by a heap-based buffer overflow in the STSC atom handling in QuickTime movie files, allowing remote code execution or a denial of service. The CVE-2011-0249 flaw is triggered when a crafted STSC atom causes memory corruption during parsing, as documented b...
CVE-2013-0988
CVE-2013-0988 is a QuickTime FPX parsing vulnerability: a buffer overflow in handling FPX files could allow remote code execution (or application crash). The vulnerability is exploitable via a crafted FPX file, with attack vector over a network and no authentication, and is reflected in a high-se...
CVE-2013-0989
CVE-2013-0989 : A buffer overflow in Apple QuickTime prior to 7.7.4 can be triggered by a crafted MP3 file, allowing remote attackers to execute arbitrary code or cause a denial of service (application crash). Public references in the providedOpenVAS/Nessus data confirm QuickTime as the vulnerabl...
CVE-2006-1249
CVE-2006-1249 describes an integer overflow in Apple QuickTime FPX image handling that can enable remote code execution. The vulnerability affects QuickTime Player versions 7.0.3/7.0.4 and related components (e.g., iTunes 6.x) due to a FPX field that specifies a large number of blocks, triggering...
CVE-2006-4382
CVE-2006-4382 affects Apple QuickTime prior to 7.1.3 (Mac OS X and Windows). Multiple vulnerabilities in QuickTime formats (MOV, FLC, SGI, H.264, FPX) include buffer/heap/integer overflows that could enable remote code execution when a user opens a crafted file. The advisories consistently state ...
CVE-2008-1585
CVE-2008-1585 concerns Apple QuickTime
CVE-2013-1018
Apple QuickTime CVE-2013-1018 is a buffer overflow in parsing of H.264-encoded movie data that could allow remote code execution or crash. It is documented as affecting QuickTime prior to 7.7.4; multiple advisories and scanners list this CVE among others related to QuickTime vulnerabilities. Reme...
CVE-2004-0922
CVE-2004-0922 (Mac OS X AFP Server) affects AFP Server on Mac OS X 10.3.x through 10.3.5. The underlying issue is that the guest group ID is not properly set, which causes a write-only AFP Drop Box on a guest-mounted share to become read-write, allowing a guest to read the Drop Box. The connected...
CVE-2007-0714
Apple QuickTime UDTA atom integer overflow vulnerability (CVE-2007-0714) exists in parsing of UDTA data in QuickTime files. A crafted MOV file can trigger an integer overflow, leading to a heap overflow and potential remote code execution under the user’s context. Affected products are QuickTime ...
CVE-2007-2295
CVE-2007-2295 describes a heap-based buffer overflow in the QuickTime component JVTCompEncodeFrame used when processing malformed H.264 MOV files. Affected product: Apple QuickTime 7.1.5 and earlier versions up to 7.2. The underlying issue is insufficient bounds checking, which allows remote atta...
CVE-2007-2296
CVE-2007-2296: Apple QuickTime contains an integer overflow in the FlipFileTypeAtom_BtoN function used when parsing M4V/MP4 files, allowing remote code execution. Affected: QuickTime 7.1.5 and earlier; prior reports indicate impact for versions before 7.2. The connected documents confirm the root...
CVE-2007-2394
Apple QuickTime (Mac OS X) before 7.2 on 10.3.9/10.4.9 is affected by an integer overflow in SMIL parsing, specifically in title/author fields, due to improper memory allocation calculations. This can allow user‑assisted remote code execution when a user opens a crafted SMIL file or visits a craf...
CVE-2007-2395
Apple QuickTime before 7.3 contains a memory corruption vulnerability in handling image description atoms within movie files, allowing a remote attacker to execute arbitrary code. The CERT/NVD entries confirm a buffer/memory-related issue that can be triggered by a specially crafted QuickTime mov...
CVE-2007-4674
CVE-2007-4674 concerns Apple QuickTime 7.2. The vulnerability arises in parsing a movie atom with a large size value, triggering a stack-based buffer overflow in QuickTime’s parser. This allows remote code execution when a user opens a crafted movie file (or visits a malicious page). According to...
CVE-2008-3615
CVE-2008-3615 affects Apple QuickTime on Windows due to an uninitialized memory access in the third‑party Indeo v5 codec (ir50_32.qtx). A crafted movie file can trigger remote code execution or cause a denial of service (crash). The issue is mitigated by updating to QuickTime 7.5.5 or later (as r...
CVE-2008-3627
Apple QuickTime before 7.5.5 is affected by CVE-2008-3627 due to malformed MDAT atoms in MP4 (QuickTimeH264.qtx) and in mov files (QuickTimeH264.scalar), plus AVC1 atoms in an unknown type. Exploitation via a crafted H.264 movie could lead to arbitrary code execution or a denial of service (heap ...
CVE-2008-4116
CVE-2008-4116 concerns Apple QuickTime 7.5.5 and iTunes 8.0. The vulnerability is a heap-based buffer overflow triggered by a long type attribute in a QuickTime tag (on a web page or embedded in .mp4/.mov), related to an off-by-one error and potentially associated with Check_stack_cookie. Consequ...
CVE-2009-0954
Apple QuickTime for Windows is affected by CVE-2009-0954 due to a heap-based buffer overflow when parsing Clipping Region (CRGN) atoms in QuickTime movie files. The issue allows remote code execution or denial of service via a crafted movie file, with the root cause being improper bounds checks d...
CVE-2009-0957
CVE-2009-0957 describes a heap-based buffer overflow in Apple QuickTime prior to 7.6.2, triggered during parsing of JP2 images. The flaw can allow remote attackers to execute arbitrary code or cause an application crash, potentially leading to denial of service. Affected product: Apple QuickTime
CVE-2010-0536
CVE-2010-0536 affects Apple QuickTime on Windows, where handling of a crafted BMP image can lead to memory corruption, enabling remote code execution or a denial of service (application crash). Affected product/component: Apple QuickTime prior to 7.6.6 on Windows. Root cause: improper BMP handlin...
CVE-2011-0245
Apple QuickTime prior to version 7.7 is affected by a buffer overflow in the handling of pict files, allowing remote code execution or denial of service. Affected component: QuickTime (Windows/Mac). Root cause: buffer overflow when parsing pict data. Impact: arbitrary code execution or applicatio...