Quicktime@7.1.4 Security Vulnerabilities and Issues — Quicktime@7.1.4 CVE List

Lucene search

AppleQuicktime7.1.4

12 matches found

CVE•added 2010/08/31 8:0 p.m.•55 views

CVE-2010-1818

The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.

9.3CVSS7.3AI score0.76511EPSS

CVE•added 2010/12/09 8:0 p.m.•54 views

CVE-2010-3801

Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file.

9.3CVSS6.8AI score0.08EPSS

CVE•added 2010/03/31 6:30 p.m.•51 views

CVE-2010-0529

Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memor...

9.3CVSS8.1AI score0.04161EPSS

CVE•added 2010/08/16 6:39 p.m.•50 views

CVE-2010-1799

Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

9.3CVSS8AI score0.67678EPSS

CVE•added 2010/12/09 8:0 p.m.•49 views

CVE-2010-3800

Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.

9.3CVSS7.7AI score0.08EPSS

CVE•added 2010/03/31 6:30 p.m.•48 views

CVE-2010-0528

Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length val...

9.3CVSS7.9AI score0.03156EPSS

CVE•added 2010/12/09 8:0 p.m.•47 views

CVE-2010-4009

Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

9.3CVSS6.6AI score0.03335EPSS

CVE•added 2010/03/31 6:30 p.m.•46 views

CVE-2010-0527

Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.

9.3CVSS7.8AI score0.01944EPSS

CVE•added 2010/12/09 8:0 p.m.•46 views

CVE-2010-3802

Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file.

9.3CVSS6.7AI score0.08EPSS

CVE•added 2010/12/09 8:0 p.m.•45 views

CVE-2010-1508

Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.

9.3CVSS8.1AI score0.05458EPSS

CVE•added 2010/03/31 6:30 p.m.•44 views

CVE-2010-0536

Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted BMP image.

9.3CVSS7.9AI score0.02085EPSS

CVE•added 2010/12/09 8:0 p.m.•43 views

CVE-2010-0530

Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.

2.1CVSS5.1AI score0.00107EPSS