VYPR

Quicktime

by Apple Inc.

CVEs (288)

  • CVE-2004-0988Mar 1, 2005
    risk 0.00cvss epss 0.01

    Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation.

  • CVE-2004-0921Jan 27, 2005
    risk 0.00cvss epss 0.01

    AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets.

  • CVE-2004-0926Jan 27, 2005
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.

  • CVE-2004-0922Jan 27, 2005
    risk 0.00cvss epss 0.01

    AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop…

  • CVE-2004-0431Jul 7, 2004
    risk 0.00cvss epss 0.03

    Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow.

  • CVE-2003-0423Aug 27, 2003
    risk 0.00cvss epss 0.02

    parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter.

  • CVE-2003-0426Aug 27, 2003
    risk 0.00cvss epss 0.03

    The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator.

  • CVE-2002-0376Sep 24, 2002
    risk 0.00cvss epss 0.04

    Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field.

Page 15 of 15