Quicktime@5.0.2 Security Vulnerabilities and Issues — Quicktime@5.0.2 CVE List

Lucene search

AppleQuicktime5.0.2

88 matches found

CVE•added 2012/05/16 10:12 a.m.•169 views

CVE-2012-0663

Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file.

9.3CVSS7.6AI score0.68246EPSS

CVE•added 2012/11/09 7:55 p.m.•153 views

CVE-2012-3753

Buffer overflow in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIME type.

9.3CVSS7.7AI score0.78056EPSS

CVE•added 2012/11/09 7:55 p.m.•151 views

CVE-2012-3754

Use-after-free vulnerability in the Clear method in the ActiveX control in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

9.3CVSS7.7AI score0.05303EPSS

CVE•added 2012/11/09 7:55 p.m.•135 views

CVE-2012-3756

Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rnet box in an MP4 movie file.

9.3CVSS7.7AI score0.08336EPSS

CVE•added 2012/05/16 10:12 a.m.•129 views

CVE-2012-0671

Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file.

9.3CVSS7.7AI score0.07508EPSS

CVE•added 2013/05/24 4:43 p.m.•129 views

CVE-2013-0986

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted enof atoms in a movie file.

9.3CVSS7.7AI score0.03627EPSS

CVE•added 2012/11/09 7:55 p.m.•123 views

CVE-2012-3752

Multiple buffer overflows in Apple QuickTime before 7.7.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted style element in a QuickTime TeXML file.

9.3CVSS7.6AI score0.79074EPSS

CVE•added 2011/10/28 2:49 a.m.•122 views

CVE-2011-3250

Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.

9.3CVSS7.3AI score0.06419EPSS

CVE•added 2013/05/24 4:43 p.m.•122 views

CVE-2013-1020

Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG data in a movie file.

9.3CVSS7.5AI score0.0495EPSS

CVE•added 2012/05/16 10:12 a.m.•117 views

CVE-2012-0664

Heap-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted text track in a movie file.

9.3CVSS7.9AI score0.05677EPSS

CVE•added 2013/05/24 4:43 p.m.•117 views

CVE-2013-1017

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted dref atoms in a movie file.

9.3CVSS7.7AI score0.82374EPSS

CVE•added 2012/05/16 10:12 a.m.•116 views

CVE-2012-0667

Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file.

9.3CVSS7.4AI score0.04315EPSS

CVE•added 2011/10/28 2:49 a.m.•57 views

CVE-2011-3249

Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding.

9.3CVSS7.4AI score0.04024EPSS

CVE•added 2011/08/04 2:45 a.m.•55 views

CVE-2011-0251

Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file.

9.3CVSS8.7AI score0.05695EPSS

CVE•added 2007/11/29 1:46 a.m.•54 views

CVE-2007-6166

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.

9.3CVSS7.6AI score0.83919EPSS

CVE•added 2010/12/09 8:0 p.m.•54 views

CVE-2010-3801

Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file.

9.3CVSS6.8AI score0.08EPSS

CVE•added 2011/09/06 3:55 p.m.•53 views

CVE-2011-0258

Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image description associated with an mp4v tag in a movie file.

9.3CVSS7.8AI score0.075EPSS

CVE•added 2012/05/16 10:12 a.m.•53 views

CVE-2012-0669

Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

9.3CVSS7.8AI score0.04452EPSS

CVE•added 2012/05/16 10:12 a.m.•53 views

CVE-2012-0670

Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted sean atom in a movie file.

9.3CVSS7.7AI score0.07138EPSS

CVE•added 2013/05/24 4:43 p.m.•53 views

CVE-2013-1019

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

9.3CVSS7.7AI score0.04963EPSS

CVE•added 2009/09/10 9:30 p.m.•52 views

CVE-2009-2798

Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.

9.3CVSS7.7AI score0.07937EPSS

CVE•added 2005/01/27 5:0 a.m.•51 views

CVE-2004-0921

AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets.

7.5CVSS6.4AI score0.00407EPSS

CVE•added 2009/01/21 8:30 p.m.•51 views

CVE-2009-0005

Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted H.263 encoded movie file that triggers memory corruption.

9.3CVSS7.6AI score0.04024EPSS

CVE•added 2011/08/04 2:45 a.m.•51 views

CVE-2011-0246

Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

9.3CVSS8AI score0.04248EPSS

CVE•added 2008/09/11 1:13 a.m.•50 views

CVE-2008-3626

The CallComponentFunctionWithStorage function in Apple QuickTime before 7.5.5 does not properly handle a large entry in the sample_size_table in STSZ atoms, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted m...

6.8CVSS7.5AI score0.04008EPSS

CVE•added 2009/06/02 6:30 p.m.•50 views

CVE-2009-0951

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC compression file.

9.3CVSS7.9AI score0.21519EPSS

CVE•added 2009/09/10 9:30 p.m.•50 views

CVE-2009-2203

Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file.

9.3CVSS7.7AI score0.07937EPSS

CVE•added 2010/08/16 6:39 p.m.•50 views

CVE-2010-1799

Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

9.3CVSS8AI score0.67678EPSS

CVE•added 2012/11/09 7:55 p.m.•50 views

CVE-2012-3755

Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Targa image.

9.3CVSS7.8AI score0.44525EPSS

CVE•added 2012/11/09 7:55 p.m.•50 views

CVE-2012-3757

Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.

9.3CVSS7.7AI score0.07138EPSS

CVE•added 2006/09/12 11:7 p.m.•49 views

CVE-2006-4384

Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie.

5.1CVSS7.5AI score0.42023EPSS

CVE•added 2009/01/21 8:30 p.m.•49 views

CVE-2009-0007

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QuickTime movie file containing invalid image width data in JPEG atoms within STSD atoms.

9.3CVSS7.9AI score0.35592EPSS

CVE•added 2009/09/10 9:30 p.m.•49 views

CVE-2009-2799

Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file.

9.3CVSS7.7AI score0.07937EPSS

CVE•added 2010/12/09 8:0 p.m.•49 views

CVE-2010-3800

Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.

9.3CVSS7.7AI score0.08EPSS

CVE•added 2011/08/04 2:45 a.m.•49 views

CVE-2011-0250

Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.

9.3CVSS8.7AI score0.05695EPSS

CVE•added 2013/05/24 4:43 p.m.•49 views

CVE-2013-0987

Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QTIF file.

9.3CVSS7.5AI score0.04596EPSS

CVE•added 2009/01/21 8:30 p.m.•48 views

CVE-2009-0001

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted RTSP URL.

9.3CVSS9.2AI score0.1527EPSS

CVE•added 2011/08/04 2:45 a.m.•48 views

CVE-2011-0248

Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTL file.

9.3CVSS7.9AI score0.0396EPSS

CVE•added 2011/10/28 2:49 a.m.•48 views

CVE-2011-3251

Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted TKHD atoms in a QuickTime movie file.

9.3CVSS9.3AI score0.02661EPSS

CVE•added 2012/05/16 10:12 a.m.•48 views

CVE-2012-0668

Buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding.

9.3CVSS7.7AI score0.03233EPSS

CVE•added 2012/11/09 7:55 p.m.•48 views

CVE-2012-3751

Use-after-free vulnerability in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with a crafted qtactivex parameter in an OBJECT element.

9.3CVSS7.5AI score0.05303EPSS

CVE•added 2013/05/24 4:43 p.m.•48 views

CVE-2013-1022

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted mvhd atoms in a movie file.

9.3CVSS7.8AI score0.05798EPSS

CVE•added 2006/09/12 11:7 p.m.•47 views

CVE-2006-4381

Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie.

5.1CVSS7.3AI score0.09146EPSS

CVE•added 2009/01/21 8:30 p.m.•47 views

CVE-2009-0002

9.3CVSS7.9AI score0.40449EPSS

CVE•added 2009/06/02 6:30 p.m.•47 views

CVE-2009-0952

Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image.

9.3CVSS7.8AI score0.06275EPSS

CVE•added 2009/06/02 6:30 p.m.•47 views

CVE-2009-0955

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image description atoms in an Apple video file, related to a "sign extension issue."

9.3CVSS7.7AI score0.284EPSS

CVE•added 2010/12/09 8:0 p.m.•47 views

CVE-2010-4009

Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

9.3CVSS6.6AI score0.03335EPSS

CVE•added 2012/11/09 7:55 p.m.•47 views

CVE-2011-1374

Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted REGION record in a PICT file.

9.3CVSS7.8AI score0.0545EPSS

CVE•added 2011/10/28 2:49 a.m.•47 views

CVE-2011-3248

Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font table in a QuickTime movie file.

9.3CVSS7.2AI score0.03943EPSS

CVE•added 2006/09/12 11:7 p.m.•46 views

CVE-2006-4386

Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381.

5.1CVSS7.2AI score0.29617EPSS

Total number of security vulnerabilities88