Lucene search

K
AppleQuicktime7.0

95 matches found

CVE
CVE
added 2010/12/09 8:0 p.m.46 views

CVE-2010-3802

Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file.

9.3CVSS6.7AI score0.08EPSS
CVE
CVE
added 2006/01/11 6:0 p.m.45 views

CVE-2005-2340

Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field.

7.5CVSS7.5AI score0.63968EPSS
CVE
CVE
added 2006/01/11 6:0 p.m.45 views

CVE-2005-3707

Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.

7.5CVSS7.5AI score0.16948EPSS
CVE
CVE
added 2006/09/12 11:7 p.m.45 views

CVE-2006-4388

Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file.

5.1CVSS7.2AI score0.23838EPSS
CVE
CVE
added 2007/03/05 10:19 p.m.45 views

CVE-2007-0715

Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT file.

5.8CVSS7.6AI score0.11929EPSS
CVE
CVE
added 2009/06/02 6:30 p.m.45 views

CVE-2009-0957

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.

9.3CVSS8AI score0.27783EPSS
CVE
CVE
added 2009/09/10 9:30 p.m.45 views

CVE-2009-2202

Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file.

9.3CVSS7.8AI score0.10923EPSS
CVE
CVE
added 2010/12/09 8:0 p.m.45 views

CVE-2010-1508

Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.

9.3CVSS8.1AI score0.05458EPSS
CVE
CVE
added 2012/05/16 10:12 a.m.45 views

CVE-2012-0666

Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTMovie object.

9.3CVSS7.9AI score0.05074EPSS
CVE
CVE
added 2005/11/05 11:2 a.m.44 views

CVE-2005-2753

Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string.

5.1CVSS7.3AI score0.01442EPSS
CVE
CVE
added 2006/01/11 6:0 p.m.44 views

CVE-2005-3708

Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.

7.5CVSS7.5AI score0.03286EPSS
CVE
CVE
added 2009/01/21 8:30 p.m.44 views

CVE-2009-0006

Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow.

9.3CVSS7.7AI score0.38337EPSS
CVE
CVE
added 2009/06/02 6:30 p.m.44 views

CVE-2009-0954

Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types.

9.3CVSS8AI score0.27783EPSS
CVE
CVE
added 2009/06/02 6:30 p.m.44 views

CVE-2009-0956

Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie containing a user data atom of size zero.

9.3CVSS7.7AI score0.0888EPSS
CVE
CVE
added 2005/05/14 4:0 a.m.43 views

CVE-2005-1579

Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker.

5CVSS5.4AI score0.0281EPSS
CVE
CVE
added 2009/06/02 6:30 p.m.43 views

CVE-2009-0185

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.

9.3CVSS8AI score0.28197EPSS
CVE
CVE
added 2010/12/09 8:0 p.m.43 views

CVE-2010-0530

Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.

2.1CVSS5.1AI score0.00107EPSS
CVE
CVE
added 2011/08/04 2:45 a.m.43 views

CVE-2011-0249

Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSC atoms in a QuickTime movie file.

9.3CVSS8.7AI score0.05695EPSS
CVE
CVE
added 2006/05/12 8:6 p.m.42 views

CVE-2006-1460

Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom.

5.1CVSS7.3AI score0.28766EPSS
CVE
CVE
added 2007/03/05 10:19 p.m.42 views

CVE-2007-0712

Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file.

9.3CVSS7.6AI score0.24989EPSS
CVE
CVE
added 2007/03/05 10:19 p.m.42 views

CVE-2007-0714

Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value.

9.3CVSS7.5AI score0.58639EPSS
CVE
CVE
added 2009/01/21 8:30 p.m.42 views

CVE-2009-0003

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure.

9.3CVSS7.9AI score0.31805EPSS
CVE
CVE
added 2009/01/21 8:30 p.m.42 views

CVE-2009-0004

Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file.

9.3CVSS7.8AI score0.06593EPSS
CVE
CVE
added 2012/05/16 10:12 a.m.42 views

CVE-2012-0665

Heap-based buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

9.3CVSS7.9AI score0.03972EPSS
CVE
CVE
added 2006/01/11 6:0 p.m.41 views

CVE-2005-3710

Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags.

7.5CVSS7.5AI score0.32161EPSS
CVE
CVE
added 2006/09/12 11:7 p.m.41 views

CVE-2006-4382

Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie.

5.1CVSS7.2AI score0.28528EPSS
CVE
CVE
added 2006/09/12 11:7 p.m.41 views

CVE-2006-4385

Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image.

5.1CVSS7.2AI score0.26623EPSS
CVE
CVE
added 2007/07/15 9:30 p.m.41 views

CVE-2007-2394

Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation.

9.3CVSS7.5AI score0.48805EPSS
CVE
CVE
added 2008/09/03 7:42 p.m.41 views

CVE-2008-1739

Apple QuickTime before 7.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted ftyp atoms in a movie file, which triggers memory corruption.

6.8CVSS7.5AI score0.01258EPSS
CVE
CVE
added 2009/06/02 6:30 p.m.41 views

CVE-2009-0953

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.

9.3CVSS8AI score0.21519EPSS
CVE
CVE
added 2011/10/28 2:49 a.m.41 views

CVE-2011-3247

Integer overflow in Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT file.

9.3CVSS9.1AI score0.02692EPSS
CVE
CVE
added 2006/01/11 6:0 p.m.40 views

CVE-2005-3711

Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified (1) "strips" (StripByteCounts) or (2) "bands" (StripOffsets) values.

7.5CVSS7.5AI score0.05504EPSS
CVE
CVE
added 2006/05/12 9:2 p.m.40 views

CVE-2006-2238

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier beca...

7.5CVSS7.6AI score0.37958EPSS
CVE
CVE
added 2006/09/12 11:7 p.m.40 views

CVE-2006-4389

Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix (FPX) file, which triggers an exception that leads to an operation on an uninitialized object.

5.1CVSS7AI score0.32055EPSS
CVE
CVE
added 2007/07/15 9:30 p.m.40 views

CVE-2007-2397

QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.

9.3CVSS7.3AI score0.38251EPSS
CVE
CVE
added 2012/05/16 10:12 a.m.40 views

CVE-2012-0265

Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pathname for a file.

9.3CVSS8AI score0.05677EPSS
CVE
CVE
added 2008/09/11 1:13 a.m.39 views

CVE-2008-3635

Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafte...

9.3CVSS7.9AI score0.04267EPSS
CVE
CVE
added 2009/06/02 6:30 p.m.39 views

CVE-2009-0188

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.

9.3CVSS7.8AI score0.09031EPSS
CVE
CVE
added 2006/01/11 6:0 p.m.38 views

CVE-2005-3709

Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file.

7.5CVSS7.4AI score0.04957EPSS
CVE
CVE
added 2007/07/15 9:30 p.m.38 views

CVE-2007-2392

Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption.

9.3CVSS7.2AI score0.10438EPSS
CVE
CVE
added 2007/07/15 9:30 p.m.37 views

CVE-2007-2393

The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.

9.3CVSS7.3AI score0.11782EPSS
CVE
CVE
added 2007/07/15 9:30 p.m.37 views

CVE-2007-2396

The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets.

9.3CVSS7.3AI score0.29102EPSS
CVE
CVE
added 2008/09/11 1:13 a.m.37 views

CVE-2008-3629

Apple QuickTime before 7.5.5 allows remote attackers to cause a denial of service (application crash) via a crafted PICT image that triggers an out-of-bounds read.

4.3CVSS6AI score0.01369EPSS
CVE
CVE
added 2011/08/04 2:45 a.m.35 views

CVE-2011-0247

Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.

9.3CVSS7.7AI score0.04248EPSS
CVE
CVE
added 2007/03/05 10:19 p.m.34 views

CVE-2007-0711

Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file.

9.3CVSS7.5AI score0.23911EPSS
Total number of security vulnerabilities95