Quicktime@5.0.1 Security Vulnerabilities and Issues — Page 2 of Quicktime@5.0.1 CVE List

Lucene search

AppleQuicktime5.0.1

84 matches found

CVE•added 2010/12/09 8:0 p.m.•46 views

CVE-2010-3802

Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file.

9.3CVSS6.7AI score0.08EPSS

CVE•added 2013/05/24 4:43 p.m.•46 views

CVE-2013-1021

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG data in a movie file.

9.3CVSS7.8AI score0.0618EPSS

CVE•added 2006/09/12 11:7 p.m.•45 views

CVE-2006-4388

Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file.

5.1CVSS7.2AI score0.23838EPSS

CVE•added 2009/06/02 6:30 p.m.•45 views

CVE-2009-0957

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.

9.3CVSS8AI score0.27783EPSS

CVE•added 2009/09/10 9:30 p.m.•45 views

CVE-2009-2202

Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file.

9.3CVSS7.8AI score0.10923EPSS

CVE•added 2010/12/09 8:0 p.m.•45 views

CVE-2010-1508

Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.

9.3CVSS8.1AI score0.05458EPSS

CVE•added 2012/05/16 10:12 a.m.•45 views

CVE-2012-0666

Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTMovie object.

9.3CVSS7.9AI score0.05074EPSS

CVE•added 2012/11/09 7:55 p.m.•45 views

CVE-2012-3758

Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted transform attribute in a text3GTrack element in a QuickTime TeXML file.

9.3CVSS7.8AI score0.05677EPSS

CVE•added 2002/05/29 4:0 a.m.•44 views

CVE-2002-0252

Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header.

7.5CVSS7.5AI score0.04585EPSS

CVE•added 2009/01/21 8:30 p.m.•44 views

CVE-2009-0006

Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow.

9.3CVSS7.7AI score0.38337EPSS

CVE•added 2009/06/02 6:30 p.m.•44 views

CVE-2009-0954

Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types.

9.3CVSS8AI score0.27783EPSS

CVE•added 2009/06/02 6:30 p.m.•44 views

CVE-2009-0956

Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie containing a user data atom of size zero.

9.3CVSS7.7AI score0.0888EPSS

CVE•added 2009/06/02 6:30 p.m.•43 views

CVE-2009-0185

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.

9.3CVSS8AI score0.28197EPSS

CVE•added 2010/12/09 8:0 p.m.•43 views

CVE-2010-0530

Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.

2.1CVSS5.1AI score0.00107EPSS

CVE•added 2011/08/04 2:45 a.m.•43 views

CVE-2011-0249

Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSC atoms in a QuickTime movie file.

9.3CVSS8.7AI score0.05695EPSS

CVE•added 2013/05/24 4:43 p.m.•43 views

CVE-2013-0988

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FPX file.

9.3CVSS7.7AI score0.06038EPSS

CVE•added 2013/05/24 4:43 p.m.•43 views

CVE-2013-1015

Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TeXML file.

9.3CVSS7.5AI score0.05543EPSS

CVE•added 2007/03/05 10:19 p.m.•42 views

CVE-2007-0712

Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file.

9.3CVSS7.6AI score0.24989EPSS

CVE•added 2007/03/05 10:19 p.m.•42 views

CVE-2007-0714

Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value.

9.3CVSS7.5AI score0.58639EPSS

CVE•added 2009/01/21 8:30 p.m.•42 views

CVE-2009-0003

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure.

9.3CVSS7.9AI score0.31805EPSS

CVE•added 2009/01/21 8:30 p.m.•42 views

CVE-2009-0004

Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file.

9.3CVSS7.8AI score0.06593EPSS

CVE•added 2012/05/16 10:12 a.m.•42 views

CVE-2012-0665

Heap-based buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

9.3CVSS7.9AI score0.03972EPSS

CVE•added 2013/05/24 4:43 p.m.•42 views

CVE-2013-0989

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP3 file.

9.3CVSS7.7AI score0.06038EPSS

CVE•added 2013/05/24 4:43 p.m.•42 views

CVE-2013-1018

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

9.3CVSS7.8AI score0.04549EPSS

CVE•added 2006/09/12 11:7 p.m.•41 views

CVE-2006-4382

Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie.

5.1CVSS7.2AI score0.28528EPSS

CVE•added 2006/09/12 11:7 p.m.•41 views

CVE-2006-4385

Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image.

5.1CVSS7.2AI score0.26623EPSS

CVE•added 2008/09/03 7:42 p.m.•41 views

CVE-2008-1739

Apple QuickTime before 7.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted ftyp atoms in a movie file, which triggers memory corruption.

6.8CVSS7.5AI score0.01258EPSS

CVE•added 2009/06/02 6:30 p.m.•41 views

CVE-2009-0953

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.

9.3CVSS8AI score0.21519EPSS

CVE•added 2011/10/28 2:49 a.m.•41 views

CVE-2011-3247

Integer overflow in Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT file.

9.3CVSS9.1AI score0.02692EPSS

CVE•added 2012/05/16 10:12 a.m.•40 views

CVE-2012-0265

Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pathname for a file.

9.3CVSS8AI score0.05677EPSS

CVE•added 2009/06/02 6:30 p.m.•39 views

CVE-2009-0188

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.

9.3CVSS7.8AI score0.09031EPSS

CVE•added 2013/05/24 4:43 p.m.•39 views

CVE-2013-1016

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.263 encoding.

9.3CVSS7.8AI score0.04854EPSS

CVE•added 2011/08/04 2:45 a.m.•35 views

CVE-2011-0247

Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.

9.3CVSS7.7AI score0.04248EPSS

CVE•added 2007/03/05 10:19 p.m.•34 views

CVE-2007-0711

Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file.

9.3CVSS7.5AI score0.23911EPSS

Total number of security vulnerabilities84