Quicktime
by Apple Inc.
CVEs (288)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-0209 | 0.00 | — | 0.03 | Jun 24, 2011 | Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file. | |||
| CVE-2011-0187 | 0.00 | — | 0.02 | Mar 23, 2011 | The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect. | |||
| CVE-2011-0186 | 0.00 | — | 0.03 | Mar 23, 2011 | QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image. | |||
| CVE-2010-4009 | 0.00 | — | 0.05 | Dec 9, 2010 | Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. | |||
| CVE-2010-3802 | 0.00 | — | 0.05 | Dec 9, 2010 | Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file. | |||
| CVE-2010-3801 | 0.00 | — | 0.05 | Dec 9, 2010 | Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file. | |||
| CVE-2010-3800 | 0.00 | — | 0.05 | Dec 9, 2010 | Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file. | |||
| CVE-2010-1508 | 0.00 | — | 0.06 | Dec 9, 2010 | Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms. | |||
| CVE-2010-0530 | 0.00 | — | 0.00 | Dec 9, 2010 | Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory. | |||
| CVE-2010-3794 | 0.00 | — | 0.03 | Nov 16, 2010 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of FlashPix image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. | |||
| CVE-2010-3793 | 0.00 | — | 0.03 | Nov 16, 2010 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Sorenson movie file. | |||
| CVE-2010-3792 | 0.00 | — | 0.03 | Nov 16, 2010 | Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file. | |||
| CVE-2010-3791 | 0.00 | — | 0.03 | Nov 16, 2010 | Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file. | |||
| CVE-2010-3790 | 0.00 | — | 0.05 | Nov 16, 2010 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer… | |||
| CVE-2010-3789 | 0.00 | — | 0.03 | Nov 16, 2010 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file. | |||
| CVE-2010-3788 | 0.00 | — | 0.03 | Nov 16, 2010 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file. | |||
| CVE-2010-3787 | 0.00 | — | 0.05 | Nov 16, 2010 | Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image. | |||
| CVE-2010-0536 | 0.00 | — | 0.04 | Mar 31, 2010 | Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted BMP image. | |||
| CVE-2010-0528 | 0.00 | — | 0.06 | Mar 31, 2010 | Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and… | |||
| CVE-2010-0527 | 0.00 | — | 0.04 | Mar 31, 2010 | Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. |
- CVE-2011-0209Jun 24, 2011risk 0.00cvss —epss 0.03
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.
- CVE-2011-0187Mar 23, 2011risk 0.00cvss —epss 0.02
The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect.
- CVE-2011-0186Mar 23, 2011risk 0.00cvss —epss 0.03
QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.
- CVE-2010-4009Dec 9, 2010risk 0.00cvss —epss 0.05
Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
- CVE-2010-3802Dec 9, 2010risk 0.00cvss —epss 0.05
Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file.
- CVE-2010-3801Dec 9, 2010risk 0.00cvss —epss 0.05
Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file.
- CVE-2010-3800Dec 9, 2010risk 0.00cvss —epss 0.05
Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.
- CVE-2010-1508Dec 9, 2010risk 0.00cvss —epss 0.06
Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.
- CVE-2010-0530Dec 9, 2010risk 0.00cvss —epss 0.00
Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.
- CVE-2010-3794Nov 16, 2010risk 0.00cvss —epss 0.03
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of FlashPix image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.
- CVE-2010-3793Nov 16, 2010risk 0.00cvss —epss 0.03
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Sorenson movie file.
- CVE-2010-3792Nov 16, 2010risk 0.00cvss —epss 0.03
Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.
- CVE-2010-3791Nov 16, 2010risk 0.00cvss —epss 0.03
Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.
- CVE-2010-3790Nov 16, 2010risk 0.00cvss —epss 0.05
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer…
- CVE-2010-3789Nov 16, 2010risk 0.00cvss —epss 0.03
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file.
- CVE-2010-3788Nov 16, 2010risk 0.00cvss —epss 0.03
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file.
- CVE-2010-3787Nov 16, 2010risk 0.00cvss —epss 0.05
Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.
- CVE-2010-0536Mar 31, 2010risk 0.00cvss —epss 0.04
Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted BMP image.
- CVE-2010-0528Mar 31, 2010risk 0.00cvss —epss 0.06
Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and…
- CVE-2010-0527Mar 31, 2010risk 0.00cvss —epss 0.04
Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.
Page 10 of 15