Quicktime@7.4.4 Security Vulnerabilities and Issues — Quicktime@7.4.4 CVE List

Lucene search

AppleQuicktime7.4.4

13 matches found

CVE•added 2008/09/11 1:13 a.m.•51 views

CVE-2008-3626

The CallComponentFunctionWithStorage function in Apple QuickTime before 7.5.5 does not properly handle a large entry in the sample_size_table in STSZ atoms, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted m...

6.8CVSS7.5AI score0.04008EPSS

CVE•added 2008/04/04 5:44 p.m.•46 views

CVE-2008-1016

Apple QuickTime before 7.4.5 does not properly handle movie media tracks, which allows remote attackers to execute arbitrary code via a crafted movie that triggers memory corruption.

6.8CVSS7.2AI score0.01422EPSS

CVE•added 2008/04/04 5:44 p.m.•46 views

CVE-2008-1018

Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor (aka chan) atom.

6.8CVSS7.6AI score0.40576EPSS

CVE•added 2008/04/04 5:44 p.m.•43 views

CVE-2008-1013

Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet.

6.8CVSS7.3AI score0.02896EPSS

CVE•added 2008/09/03 7:42 p.m.•42 views

CVE-2008-1739

Apple QuickTime before 7.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted ftyp atoms in a movie file, which triggers memory corruption.

6.8CVSS7.5AI score0.01258EPSS

CVE•added 2008/04/04 5:44 p.m.•40 views

CVE-2008-1017

Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie.

6.8CVSS7.5AI score0.26209EPSS

CVE•added 2008/04/04 5:44 p.m.•40 views

CVE-2008-1021

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding.

6.8CVSS7.6AI score0.20491EPSS

CVE•added 2008/04/04 5:44 p.m.•38 views

CVE-2008-1014

Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information.

4.3CVSS5.8AI score0.00615EPSS

CVE•added 2008/04/04 5:44 p.m.•38 views

CVE-2008-1023

Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file.

6.8CVSS7.6AI score0.04552EPSS

CVE•added 2008/04/04 5:44 p.m.•36 views

CVE-2008-1019

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted PICT image file, related to an improperly terminated memory copy loop.

6.8CVSS7.5AI score0.43865EPSS

CVE•added 2008/04/04 5:44 p.m.•36 views

CVE-2008-1020

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file with Kodak encoding, related to error checking and error messages.

6.8CVSS7.6AI score0.43865EPSS

CVE•added 2008/04/04 5:44 p.m.•35 views

CVE-2008-1015

Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie.

6.8CVSS7.4AI score0.09447EPSS

CVE•added 2008/04/04 5:44 p.m.•35 views

CVE-2008-1022

Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted VR movie with an obji atom of zero size.

6.8CVSS7.5AI score0.43865EPSS