VYPR

Quicktime

by Apple Inc.

CVEs (288)

  • CVE-2007-0588Jan 30, 2007
    risk 0.00cvss epss 0.06

    The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that…

  • CVE-2006-4386Sep 12, 2006
    risk 0.00cvss epss 0.06

    Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381.

  • CVE-2006-4381Sep 12, 2006
    risk 0.00cvss epss 0.04

    Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie.

  • CVE-2006-4388Sep 12, 2006
    risk 0.00cvss epss 0.06

    Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file.

  • CVE-2006-1462May 12, 2006
    risk 0.00cvss epss 0.04

    Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 (M4V) video format file.

  • CVE-2006-1461May 12, 2006
    risk 0.00cvss epss 0.05

    Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime Flash (SWF) file.

  • CVE-2006-1465May 12, 2006
    risk 0.00cvss epss 0.05

    Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime AVI video format file.

  • CVE-2006-1458May 12, 2006
    risk 0.00cvss epss 0.04

    Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image.

  • CVE-2006-1460May 12, 2006
    risk 0.00cvss epss 0.06

    Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom.

  • CVE-2006-1459May 12, 2006
    risk 0.00cvss epss 0.04

    Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV).

  • CVE-2006-1249Mar 19, 2006
    risk 0.00cvss epss 0.06

    Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks.

  • CVE-2005-3711Dec 31, 2005
    risk 0.00cvss epss 0.04

    Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified (1) "strips" (StripByteCounts) or (2) "bands" (StripOffsets) values.

  • CVE-2005-3708Dec 31, 2005
    risk 0.00cvss epss 0.03

    Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.

  • CVE-2005-3709Dec 31, 2005
    risk 0.00cvss epss 0.04

    Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file.

  • CVE-2005-2753Nov 5, 2005
    risk 0.00cvss epss 0.02

    Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string.

  • CVE-2005-2756Nov 5, 2005
    risk 0.00cvss epss 0.04

    Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion.

  • CVE-2005-2755Nov 5, 2005
    risk 0.00cvss epss 0.02

    Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service (crash) via a crafted file with a missing movie attribute, which leads to a null dereference.

  • CVE-2005-2754Nov 5, 2005
    risk 0.00cvss epss 0.02

    Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes."

  • CVE-2005-2743Oct 26, 2005
    risk 0.00cvss epss 0.05

    The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code.

  • CVE-2005-1579May 12, 2005
    risk 0.00cvss epss 0.02

    Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker.

Page 14 of 15