Quicktime Security Vulnerabilities and Issues — Quicktime CVE List

Lucene search

AppleQuicktime

12 matches found

CVE•added 2008/04/04 5:44 p.m.•45 views

CVE-2008-1016

Apple QuickTime before 7.4.5 does not properly handle movie media tracks, which allows remote attackers to execute arbitrary code via a crafted movie that triggers memory corruption.

6.8CVSS7.2AI score0.01422EPSS

CVE•added 2008/04/04 5:44 p.m.•45 views

CVE-2008-1018

Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor (aka chan) atom.

6.8CVSS7.6AI score0.40576EPSS

CVE•added 2008/04/04 5:44 p.m.•42 views

CVE-2008-1013

Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet.

6.8CVSS7.3AI score0.02896EPSS

CVE•added 2008/04/04 5:44 p.m.•39 views

CVE-2008-1017

Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie.

6.8CVSS7.5AI score0.26209EPSS

CVE•added 2008/04/04 5:44 p.m.•39 views

CVE-2008-1021

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding.

6.8CVSS7.6AI score0.20491EPSS

CVE•added 2008/04/04 5:44 p.m.•37 views

CVE-2008-1014

Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information.

4.3CVSS5.8AI score0.00615EPSS

CVE•added 2008/04/04 5:44 p.m.•37 views

CVE-2008-1023

Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file.

6.8CVSS7.6AI score0.04552EPSS

CVE•added 2008/04/04 5:44 p.m.•35 views

CVE-2008-1019

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted PICT image file, related to an improperly terminated memory copy loop.

6.8CVSS7.5AI score0.43865EPSS

CVE•added 2008/04/04 5:44 p.m.•35 views

CVE-2008-1020

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file with Kodak encoding, related to error checking and error messages.

6.8CVSS7.6AI score0.43865EPSS

CVE•added 2008/04/04 5:44 p.m.•34 views

CVE-2008-1015

Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie.

6.8CVSS7.4AI score0.09447EPSS

CVE•added 2008/04/04 5:44 p.m.•34 views

CVE-2008-1022

Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted VR movie with an obji atom of zero size.

6.8CVSS7.5AI score0.43865EPSS

CVE•added 2008/04/30 12:10 a.m.•34 views

CVE-2008-2010

Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote attackers to execute arbitrary code via a crafted QuickTime media file. NOTE: as of 20080429, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a w...

9.3CVSS7.3AI score0.02083EPSS