Quicktime@* Security Vulnerabilities and Issues — Quicktime@* CVE List

Lucene search

AppleQuicktime*

12 matches found

CVE•added 2007/09/24 12:17 a.m.•55 views

CVE-2007-5045

Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter containing the F...

9.3CVSS8.1AI score0.49726EPSS

CVE•added 2007/12/15 1:46 a.m.•54 views

CVE-2007-4707

Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary code or have other unspecified impacts via a crafted QuickTime movie.

9.3CVSS7.5AI score0.04956EPSS

CVE•added 2007/11/29 1:46 a.m.•54 views

CVE-2007-6166

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.

9.3CVSS7.6AI score0.83919EPSS

CVE•added 2007/11/07 11:46 p.m.•53 views

CVE-2007-3750

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor (STSD) atoms in a movie file.

9.3CVSS7.6AI score0.24421EPSS

CVE•added 2007/11/07 11:46 p.m.•43 views

CVE-2007-2395

Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption."

9.3CVSS7.2AI score0.17103EPSS

CVE•added 2007/03/05 10:19 p.m.•42 views

CVE-2007-0712

Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file.

9.3CVSS7.6AI score0.24989EPSS

CVE•added 2007/03/05 10:19 p.m.•42 views

CVE-2007-0714

Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value.

9.3CVSS7.5AI score0.58639EPSS

CVE•added 2007/01/05 12:28 a.m.•41 views

CVE-2007-0059

Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list filesystem contents via a QuickTime movie (.MOV) with an HREF Track (HREFTrack) that contains an automatic action tag with a local URI, which is executed in a lo...

6.8CVSS6.7AI score0.11462EPSS

CVE•added 2007/12/15 1:46 a.m.•41 views

CVE-2007-4706

Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file.

6.8CVSS7.6AI score0.04039EPSS

CVE•added 2007/05/14 9:19 p.m.•39 views

CVE-2007-0754

Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor (STSD) atom size in a QuickTime movie.

9.3CVSS7.6AI score0.11928EPSS

CVE•added 2007/11/07 11:46 p.m.•39 views

CVE-2007-4672

Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image.

7.6CVSS7.6AI score0.47761EPSS

CVE•added 2007/03/05 10:19 p.m.•34 views

CVE-2007-0711

Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file.

9.3CVSS7.5AI score0.23911EPSS