Quicktime@7.1.3 Security Vulnerabilities and Issues — Quicktime@7.1.3 CVE List

Lucene search

AppleQuicktime7.1.3

20 matches found

CVE•added 2007/01/30 6:28 p.m.•55 views

CVE-2007-0588

The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption ...

7.1CVSS8.2AI score0.35585EPSS

CVE•added 2007/11/29 1:46 a.m.•54 views

CVE-2007-6166

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.

9.3CVSS7.6AI score0.83919EPSS

CVE•added 2007/01/01 11:28 p.m.•51 views

CVE-2007-0015

Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI.

6.8CVSS7.3AI score0.85863EPSS

CVE•added 2007/03/05 10:19 p.m.•49 views

CVE-2007-0718

Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a QTIF file with a Video Sample Description containing a Color table ID of 0, which triggers memory corruption when QuickTime...

5.8CVSS7.9AI score0.35955EPSS

CVE•added 2007/03/05 10:19 p.m.•48 views

CVE-2007-0713

5.8CVSS7.6AI score0.24131EPSS

CVE•added 2007/03/05 10:19 p.m.•47 views

CVE-2007-0716

Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.

5.8CVSS7.6AI score0.15112EPSS

CVE•added 2007/01/26 1:28 a.m.•46 views

CVE-2007-0462

The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB...

10CVSS7.3AI score0.21501EPSS

CVE•added 2007/03/05 10:19 p.m.•46 views

CVE-2007-0717

Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.

5.8CVSS7.5AI score0.16763EPSS

CVE•added 2007/07/15 9:30 p.m.•46 views

CVE-2007-2402

QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets.

4.3CVSS5.5AI score0.01093EPSS

CVE•added 2007/03/05 10:19 p.m.•45 views

CVE-2007-0715

Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT file.

5.8CVSS7.6AI score0.11929EPSS

CVE•added 2007/03/05 10:19 p.m.•42 views

CVE-2007-0712

Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file.

9.3CVSS7.6AI score0.24989EPSS

CVE•added 2007/03/05 10:19 p.m.•42 views

CVE-2007-0714

Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value.

9.3CVSS7.5AI score0.58639EPSS

CVE•added 2007/07/15 9:30 p.m.•41 views

CVE-2007-2394

Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation.

9.3CVSS7.5AI score0.48805EPSS

CVE•added 2007/04/26 8:19 p.m.•40 views

CVE-2007-2296

Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file.

9.3CVSS7.4AI score0.33595EPSS

CVE•added 2007/07/15 9:30 p.m.•40 views

CVE-2007-2397

QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.

9.3CVSS7.3AI score0.38251EPSS

CVE•added 2007/04/26 8:19 p.m.•38 views

CVE-2007-2295

Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file.

9.3CVSS7.6AI score0.39754EPSS

CVE•added 2007/07/15 9:30 p.m.•38 views

CVE-2007-2392

Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption.

9.3CVSS7.2AI score0.10438EPSS

CVE•added 2007/07/15 9:30 p.m.•37 views

CVE-2007-2393

The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.

9.3CVSS7.3AI score0.11782EPSS

CVE•added 2007/07/15 9:30 p.m.•37 views

CVE-2007-2396

The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets.

9.3CVSS7.3AI score0.29102EPSS

CVE•added 2007/03/05 10:19 p.m.•34 views

CVE-2007-0711

Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file.

9.3CVSS7.5AI score0.23911EPSS