Quicktime
by Apple Inc.
CVEs (288)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-0988 | 0.00 | — | 0.01 | Mar 1, 2005 | Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation. | |||
| CVE-2004-0921 | 0.00 | — | 0.01 | Jan 27, 2005 | AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. | |||
| CVE-2004-0926 | 0.00 | — | 0.05 | Jan 27, 2005 | Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image. | |||
| CVE-2004-0922 | 0.00 | — | 0.01 | Jan 27, 2005 | AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop… | |||
| CVE-2004-0431 | 0.00 | — | 0.03 | Jul 7, 2004 | Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow. | |||
| CVE-2003-0423 | 0.00 | — | 0.02 | Aug 27, 2003 | parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter. | |||
| CVE-2003-0426 | 0.00 | — | 0.03 | Aug 27, 2003 | The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator. | |||
| CVE-2002-0376 | 0.00 | — | 0.04 | Sep 24, 2002 | Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field. |
- CVE-2004-0988Mar 1, 2005risk 0.00cvss —epss 0.01
Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation.
- CVE-2004-0921Jan 27, 2005risk 0.00cvss —epss 0.01
AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets.
- CVE-2004-0926Jan 27, 2005risk 0.00cvss —epss 0.05
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.
- CVE-2004-0922Jan 27, 2005risk 0.00cvss —epss 0.01
AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop…
- CVE-2004-0431Jul 7, 2004risk 0.00cvss —epss 0.03
Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow.
- CVE-2003-0423Aug 27, 2003risk 0.00cvss —epss 0.02
parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter.
- CVE-2003-0426Aug 27, 2003risk 0.00cvss —epss 0.03
The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator.
- CVE-2002-0376Sep 24, 2002risk 0.00cvss —epss 0.04
Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field.
Page 15 of 15