Lucene search
K
AppleQuicktime

246 matches found

CVE
CVE
added 2011/06/24 8:0 p.m.60 views

CVE-2011-0213

Apple QuickTime contains multiple CVEs including CVE-2011-0213. The issue is a buffer overflow in QuickTime’s JPEG handling that can cause application termination or arbitrary code execution when processing a crafted JPEG, with impact on Mac OS X and Windows. For Mac OS X, Apple states the issue ...

6.8CVSS6.2AI score0.0332EPSS
CVE
CVE
added 2012/05/16 1:0 a.m.60 views

CVE-2012-0666

The CVE-2012-0666 entry is confirmed to have concrete technical details in connected documents: Apple QuickTime on Windows contains a stack-based buffer overflow in the QuickTime plugin (QTPluginControl::SetLanguage) triggered via crafted QTMovie objects, enabling remote code execution or a crash...

9.3CVSS7.9AI score0.04057EPSS
CVE
CVE
added 2014/02/27 1:0 a.m.60 views

CVE-2014-1249

CVE-2014-1249 affects Apple QuickTime before 7.7.5. The vulnerability is a buffer overflow in the PSD image handling used by QuickTime, which can lead to remote arbitrary code execution or an application crash. Connected sources corroborate a PSD-related overflow in QuickTime, with multiple OpenV...

9.3CVSS7.7AI score0.04072EPSS
CVE
CVE
added 2014/07/26 10:0 a.m.60 views

CVE-2014-4979

Apple QuickTime for Windows is affected by CVE-2014-4979 due to memory corruption in the mvhd atom when handling malformed version numbers and flags, potentially enabling arbitrary code execution or a crash. The issue is addressed in QuickTime 7.7.6, per the Apple security content; updating to th...

9.3CVSS7.6AI score0.03587EPSS
CVE
CVE
added 2005/05/14 4:0 a.m.59 views

CVE-2005-1579

CVE-2005-1579 affects Apple QuickTime Player 7.0 on Mac OS X 10.4, enabling information disclosure via a specially crafted .mov containing a Quartz Composer (.qtz) file that uses patches to read local data and send it to an attacker. The vulnerability is described in multiple sources, with a work...

5CVSS5.4AI score0.02035EPSS
CVE
CVE
added 2006/09/12 11:0 p.m.59 views

CVE-2006-4384

CVE-2006-4384 : A heap-based buffer overflow in Apple QuickTime prior to 7.1.3 allows a user-assisted remote attacker to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie. Impact is remote code execution within the user’s privileges; exploitation requires user interaction. Affec...

5.1CVSS7.5AI score0.15248EPSS
CVE
CVE
added 2007/03/05 10:0 p.m.59 views

CVE-2007-0716

CVE-2007-0716 : Apple QuickTime before 7.1.5 contains a stack-based buffer overflow in QTIF file handling. A remote, user-assisted attacker can crash the application or potentially execute arbitrary code by presenting a crafted QTIF file. Corrective action identified in the connected sources is t...

5.8CVSS7.6AI score0.06087EPSS
CVE
CVE
added 2008/02/14 11:0 a.m.59 views

CVE-2008-0778

Multiple stack-based buffer overflows exist in the QTPlugin.ocx ActiveX control of Apple QuickTime 7.4.1 and earlier. The vulnerability affects the QTPlugin.ocx component and is triggered by long arguments to the SetBgColor, SetHREF, SetMovieName, SetTarget, and SetMatrix methods, allowing remote...

7.5CVSS7.7AI score0.09214EPSS
CVE
CVE
added 2008/04/04 5:0 p.m.59 views

CVE-2008-1017

CVE-2008-1017 describes a heap‑based buffer overflow in the crgn atom parsing (quicktime.qts) of Apple QuickTime before 7.4.5. A crafted movie can cause arbitrary code execution in the user’s context. Affected product: Apple QuickTime (Windows/macOS)

6.8CVSS7.5AI score0.07163EPSS
CVE
CVE
added 2010/03/31 6:0 p.m.59 views

CVE-2010-0527

CVE-2010-0527 affects Apple QuickTime on Windows prior to 7.6.6. The issue is an integer overflow in QuickTime’s handling of PICT images, which could allow remote code execution or a denial of service (application crash) when a crafted PICT image is processed. Multiple connected sources corrobora...

9.3CVSS7.8AI score0.03822EPSS
CVE
CVE
added 2010/12/09 7:0 p.m.59 views

CVE-2010-3802

CVE-2010-3802 affects Apple QuickTime prior to 7.6.9. It is a memory-corruption/remote-code-execution risk caused by a signedness error in handling a crafted panorama atom in a QuickTime VR (QTVR) movie. Exploitation could lead to arbitrary code execution or an application crash. Remediation indi...

9.3CVSS6.7AI score0.04937EPSS
CVE
CVE
added 2012/11/09 7:0 p.m.59 views

CVE-2012-3758

CVE-2012-3758 affects Apple QuickTime before 7.7.3. A buffer overflow in handling the transform attribute of text3GTrack TeXML files can allow remote code execution or cause an application crash (DoS). Public references confirm vulnerability details and mention upgrading to QuickTime 7.7.3 as rem...

9.3CVSS7.8AI score0.04954EPSS
CVE
CVE
added 2016/01/09 2:0 a.m.59 views

CVE-2015-7086

Technical details for CVE-2015-7086 are not publicly provided in the connected documents. The initial description mentions QuickTime before 7.7.9 vulnerable to remote code execution via crafted movie files. No additional vendor/version specifics are available here; monitor for updates.

6.8CVSS7.1AI score0.01348EPSS
CVE
CVE
added 2004/05/06 4:0 a.m.58 views

CVE-2004-0431

CVE-2004-0431 concerns Apple QuickTime (QuickTime.qts) before 6.5.1. The vulnerability is an integer overflow in the Sample-to-Chunk table handling that can overflow a heap and enable arbitrary code execution when a user opens a malicious QuickTime file. Affected component is QuickTime.qts in Qui...

5.1CVSS7.4AI score0.03243EPSS
CVE
CVE
added 2006/05/12 8:0 p.m.58 views

CVE-2006-1465

CVE-2006-1465 : Buffer overflow in Apple QuickTime before 7.1 allows remote code execution via a crafted QuickTime AVI file. Affected: QuickTime on Windows and Mac OS X prior to 7.1. Exploitation could occur by sending a malformed file and having it opened with QuickTime Player. Remediation, wher...

5.1CVSS7.4AI score0.05204EPSS
CVE
CVE
added 2007/03/05 10:0 p.m.58 views

CVE-2007-0715

CVE-2007-0715: A heap-based buffer overflow in Apple QuickTime prior to 7.1.5 affects processing of PICT files. This allows remote user-assisted attackers to crash QuickTime and potentially execute arbitrary code. Affected product: Apple QuickTime (on macOS/Windows). Root cause: heap corruption t...

5.8CVSS7.6AI score0.06087EPSS
CVE
CVE
added 2007/03/05 10:0 p.m.58 views

CVE-2007-0717

Apple QuickTime before 7.1.5 is affected by an integer overflow in handling QTIF files. A remote attacker could exploit a crafted QTIF to crash the QuickTime player or potentially execute arbitrary code, with impact on both macOS and Windows installations. Apple has addressed this issue in QuickT...

5.8CVSS7.5AI score0.05366EPSS
CVE
CVE
added 2007/07/15 9:0 p.m.58 views

CVE-2007-2402

CVE-2007-2402 affects QuickTime for Java in Apple QuickTime prior to 7.2. The vulnerability is a failure to perform sufficient access control, enabling remote attackers to obtain sensitive information (screen content) via crafted Java applets. The primary sources describe the issue as a design/lo...

4.3CVSS5.5AI score0.02843EPSS
CVE
CVE
added 2008/04/04 5:0 p.m.58 views

CVE-2008-1013

CVE-2008-1013 affects Apple QuickTime before version 7.4.5. The vulnerability arises from deserialization of QTJava objects by untrusted Java applets, enabling remote attackers to execute arbitrary code via a crafted applet. Impact is remote code execution with the attacker’s code running under t...

6.8CVSS7.3AI score0.04134EPSS
CVE
CVE
added 2008/06/10 6:0 p.m.58 views

CVE-2008-1585

CVE-2008-1585 concerns Apple QuickTime

6.8CVSS6.9AI score0.04115EPSS
CVE
CVE
added 2010/12/09 7:0 p.m.58 views

CVE-2010-0530

Summary: CVE-2010-0530 affects Apple QuickTime on Windows up to version 7.6.9. A filesystem permissions issue in the user profile’s Apple Computer directory allows a local user to read sensitive files. Affected software (from sources): QuickTime on Windows before 7.6.9. Root cause (as stated): We...

2.1CVSS5.1AI score0.00351EPSS
CVE
CVE
added 2013/12/27 1:0 a.m.58 views

CVE-2010-1819

CVE-2010-1819 relates to Apple QuickTime Picture Viewer prior to version 7.6.8. The vulnerability is an untrusted search path (DLL hijacking) issue where a Trojan horse placed alongside a .pic image can cause the Picture Viewer to load one of three libraries (CoreVideo.dll, CoreGraphics.dll, Core...

9.3CVSS7.3AI score0.04704EPSS
CVE
CVE
added 2010/11/16 9:0 p.m.58 views

CVE-2010-3793

CVE-2010-3793 affects Apple QuickTime on Mac OS X (10.6.x). A memory corruption flaw in handling Sorenson-encoded movie files could allow a remote attacker to cause arbitrary code execution or an application crash. The issue is addressed in Mac OS X 10.6.5; systems prior to 10.6.5 are vulnerable....

6.8CVSS9.2AI score0.029EPSS
CVE
CVE
added 2013/05/24 10:0 a.m.58 views

CVE-2013-1021

Apple QuickTime vulnerability CVE-2013-1021 is a buffer overflow in QuickTime before 7.7.4 triggered by crafted JPEG data in a movie file. This can allow remote code execution or a denial of service (application crash). Exploitation requires opening a malicious file or streaming data containing t...

9.3CVSS7.8AI score0.04014EPSS
CVE
CVE
added 2006/01/11 6:0 p.m.57 views

CVE-2005-3707

Apple QuickTime before 7.0.4 contains a buffer overflow in the handling of TGA image files (CVE-2005-3707). A crafted TGA image could allow a remote attacker to execute arbitrary code on vulnerable systems running QuickTime, with the impact described as remote code execution. The issue is tied to...

7.5CVSS7.5AI score0.07958EPSS
CVE
CVE
added 2006/03/19 1:0 a.m.57 views

CVE-2006-1249

CVE-2006-1249 describes an integer overflow in Apple QuickTime FPX image handling that can enable remote code execution. The vulnerability affects QuickTime Player versions 7.0.3/7.0.4 and related components (e.g., iTunes 6.x) due to a FPX field that specifies a large number of blocks, triggering...

6.8CVSS7.5AI score0.06EPSS
CVE
CVE
added 2006/09/12 11:0 p.m.57 views

CVE-2006-4382

CVE-2006-4382 affects Apple QuickTime prior to 7.1.3 (Mac OS X and Windows). Multiple vulnerabilities in QuickTime formats (MOV, FLC, SGI, H.264, FPX) include buffer/heap/integer overflows that could enable remote code execution when a user opens a crafted file. The advisories consistently state ...

5.1CVSS7.2AI score0.06636EPSS
CVE
CVE
added 2007/07/15 9:0 p.m.57 views

CVE-2007-2394

Apple QuickTime (Mac OS X) before 7.2 on 10.3.9/10.4.9 is affected by an integer overflow in SMIL parsing, specifically in title/author fields, due to improper memory allocation calculations. This can allow user‑assisted remote code execution when a user opens a crafted SMIL file or visits a craf...

9.3CVSS7.5AI score0.12136EPSS
CVE
CVE
added 2008/01/16 2:0 a.m.57 views

CVE-2008-0032

Apple QuickTime before 7.4 is affected by CVE-2008-0032 due to a heap corruption vulnerability in processing Macintosh Resources embedded in QuickTime movie files. The issue arises from a modified length value in the resource header of a Macintosh Resource record, enabling remote attackers to tri...

5.8CVSS7.2AI score0.03813EPSS
CVE
CVE
added 2008/12/09 11:0 a.m.57 views

CVE-2008-5406

Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 are affected by a stack-based buffer overflow in MOV parsing (described as an off-by-one overflow). This vulnerability can cause a denial of service and may allow arbitrary code execution, as noted in the CVE-2008-5406 description. OpenVAS entries ...

9.3CVSS7.8AI score0.09734EPSS
CVE
CVE
added 2009/01/21 8:0 p.m.57 views

CVE-2009-0006

Apple QuickTime before 7.6 is affected by CVE-2009-0006, a Cinepak MDAT heap overflow due to a signedness error . This allows remote code execution or a denial of service when parsing Cinepak-encoded movie files with a crafted MDAT atom. Exploitation details across sources indicate the issue can ...

9.3CVSS7.7AI score0.08199EPSS
CVE
CVE
added 2009/06/02 6:0 p.m.57 views

CVE-2009-0185

Apple QuickTime before 7.6.2 is affected by a heap-based buffer overflow in processing MS ADPCM encoded audio data within AVI files, enabling potential remote code execution or crash (DoS). Public docs list CVE-2009-0185 among a set of related QuickTime vulnerabilities; remediation is to update t...

9.3CVSS8AI score0.05842EPSS
CVE
CVE
added 2009/06/02 6:0 p.m.57 views

CVE-2009-0957

CVE-2009-0957 describes a heap-based buffer overflow in Apple QuickTime prior to 7.6.2, triggered during parsing of JP2 images. The flaw can allow remote attackers to execute arbitrary code or cause an application crash, potentially leading to denial of service. Affected product: Apple QuickTime

9.3CVSS8AI score0.05691EPSS
CVE
CVE
added 2010/03/31 6:0 p.m.57 views

CVE-2010-0536

CVE-2010-0536 affects Apple QuickTime on Windows, where handling of a crafted BMP image can lead to memory corruption, enabling remote code execution or a denial of service (application crash). Affected product/component: Apple QuickTime prior to 7.6.6 on Windows. Root cause: improper BMP handlin...

9.3CVSS7.9AI score0.03744EPSS
CVE
CVE
added 2011/06/24 8:0 p.m.57 views

CVE-2011-0210

CVE-2011-0210 affects QuickTime in Mac OS X prior to 10.6.8. The issue is an integer overflow in QuickTime’s handling of audio channels in movie files, which may lead to arbitrary code execution or a crash. The vulnerability is mitigated for Mac OS X by the 10.6.8 update (and related QuickTime up...

6.8CVSS6.3AI score0.02895EPSS
CVE
CVE
added 2011/08/04 1:0 a.m.57 views

CVE-2011-0249

Apple QuickTime (before 7.7) is affected by a heap-based buffer overflow in the STSC atom handling in QuickTime movie files, allowing remote code execution or a denial of service. The CVE-2011-0249 flaw is triggered when a crafted STSC atom causes memory corruption during parsing, as documented b...

9.3CVSS8.7AI score0.05084EPSS
CVE
CVE
added 2013/05/24 10:0 a.m.57 views

CVE-2013-0988

CVE-2013-0988 is a QuickTime FPX parsing vulnerability: a buffer overflow in handling FPX files could allow remote code execution (or application crash). The vulnerability is exploitable via a crafted FPX file, with attack vector over a network and no authentication, and is reflected in a high-se...

9.3CVSS7.7AI score0.04954EPSS
CVE
CVE
added 2013/05/24 10:0 a.m.57 views

CVE-2013-0989

CVE-2013-0989 : A buffer overflow in Apple QuickTime prior to 7.7.4 can be triggered by a crafted MP3 file, allowing remote attackers to execute arbitrary code or cause a denial of service (application crash). Public references in the providedOpenVAS/Nessus data confirm QuickTime as the vulnerabl...

9.3CVSS7.7AI score0.04954EPSS
CVE
CVE
added 2006/09/12 11:0 p.m.56 views

CVE-2006-4385

CVE-2006-4385 refers to a buffer overflow in Apple QuickTime’s SGI image handling that could allow a user-assisted remote attacker to execute arbitrary code. Affected product: Apple QuickTime prior to 7.1.3 (Windows and Mac) with SGI format processing vulnerable. Impact per sources: potential rem...

5.1CVSS7.2AI score0.06268EPSS
CVE
CVE
added 2006/09/12 11:0 p.m.56 views

CVE-2006-4388

Apple QuickTime (Mac and Windows) contains an integer overflow in FlashPix (FPX) format handling, listed as CVE-2006-4388, enabling user-assisted remote code execution via a crafted FPX file. Public advisories (GLSA 200803-08, etc.) group these with other QuickTime format issues and note that App...

5.1CVSS7.2AI score0.05526EPSS
CVE
CVE
added 2007/03/05 10:0 p.m.56 views

CVE-2007-0714

Apple QuickTime UDTA atom integer overflow vulnerability (CVE-2007-0714) exists in parsing of UDTA data in QuickTime files. A crafted MOV file can trigger an integer overflow, leading to a heap overflow and potential remote code execution under the user’s context. Affected products are QuickTime ...

9.3CVSS7.5AI score0.08167EPSS
CVE
CVE
added 2008/04/04 5:0 p.m.56 views

CVE-2008-1022

CVE-2008-1022 describes a stack-based buffer overflow in Apple QuickTime before 7.4.5, triggered by parsing the QuickTime VR VR movie atom named “obji” with a size of zero. A remote attacker could cause arbitrary code execution by delivering a crafted VR movie file that exploits this atom-parsing...

6.8CVSS7.5AI score0.06947EPSS
CVE
CVE
added 2013/05/24 10:0 a.m.56 views

CVE-2013-1018

Apple QuickTime CVE-2013-1018 is a buffer overflow in parsing of H.264-encoded movie data that could allow remote code execution or crash. It is documented as affecting QuickTime prior to 7.7.4; multiple advisories and scanners list this CVE among others related to QuickTime vulnerabilities. Reme...

9.3CVSS7.8AI score0.04954EPSS
CVE
CVE
added 2004/10/28 4:0 a.m.55 views

CVE-2004-0922

CVE-2004-0922 (Mac OS X AFP Server) affects AFP Server on Mac OS X 10.3.x through 10.3.5. The underlying issue is that the guest group ID is not properly set, which causes a write-only AFP Drop Box on a guest-mounted share to become read-write, allowing a guest to read the Drop Box. The connected...

5CVSS6.3AI score0.0097EPSS
CVE
CVE
added 2006/05/12 8:0 p.m.55 views

CVE-2006-1459

CVE-2006-1459 refers to multiple integer overflows in Apple QuickTime before 7.1 that allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV). The vulnerability affects QuickTime on Mac OS X and Windows prior to 7.1; exploitation involves...

5.1CVSS7.4AI score0.04417EPSS
CVE
CVE
added 2006/05/12 8:0 p.m.55 views

CVE-2006-1463

Apple QuickTime before 7.1 is affected by a heap-based buffer overflow in the H.264 (M4V) parsing path. The vulnerability arises from a memory copy loop that trusts a user-supplied size value, enabling remote code execution when a malformed video file is opened or embedded. The issue is documente...

5.1CVSS7.6AI score0.06516EPSS
CVE
CVE
added 2006/09/12 11:0 p.m.55 views

CVE-2006-4389

Apple QuickTime (Windows and Mac OS X) prior to version 7.1.3 is affected by CVE-2006-4389 (FPX/FlashPix format) where an exception leads to an operation on an uninitialized object, enabling user-assisted remote code execution. The issue is part of a set of QuickTime vulnerabilities (MOV/FPX/SGI/...

5.1CVSS7AI score0.07253EPSS
CVE
CVE
added 2007/01/05 12:0 a.m.55 views

CVE-2007-0059

CVE-2007-0059 is a cross-zone scripting vulnerability in Apple QuickTime 3–7.1.3 . A QuickTime movie (.MOV) with an HREF Track that contains an automatic action tag with a local URI can execute in the local zone during preview, enabling remote user‑assisted execution and the ability to list files...

6.8CVSS6.7AI score0.05638EPSS
CVE
CVE
added 2007/03/05 10:0 p.m.55 views

CVE-2007-0712

Apple QuickTime (Windows/macOS) before 7.1.5 is affected by a heap-based buffer overflow when processing MIDI files, allowing remote, user-assisted attackers to cause a denial of service and possibly execute arbitrary code. The issue is triggered by crafted MIDI data and is documented as CVE-2007...

9.3CVSS7.6AI score0.06893EPSS
CVE
CVE
added 2007/04/26 8:0 p.m.55 views

CVE-2007-2295

CVE-2007-2295 describes a heap-based buffer overflow in the QuickTime component JVTCompEncodeFrame used when processing malformed H.264 MOV files. Affected product: Apple QuickTime 7.1.5 and earlier versions up to 7.2. The underlying issue is insufficient bounds checking, which allows remote atta...

9.3CVSS7.6AI score0.06512EPSS
Total number of security vulnerabilities246