VYPR

Quicktime

by Apple Inc.

CVEs (288)

  • CVE-2008-3625Sep 11, 2008
    risk 0.01cvss epss 0.07

    Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted (1) maxTilt, (2) minFieldOfView, and (3) maxFieldOfView…

  • CVE-2008-1019Apr 4, 2008
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted PICT image file, related to an improperly terminated memory copy loop.

  • CVE-2008-1021Apr 4, 2008
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding.

  • CVE-2008-1020Apr 4, 2008
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file with Kodak encoding, related to error checking and error messages.

  • CVE-2008-1022Apr 4, 2008
    risk 0.01cvss epss 0.07

    Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted VR movie with an obji atom of zero size.

  • CVE-2008-1017Apr 4, 2008
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie.

  • CVE-2007-4672Nov 7, 2007
    risk 0.01cvss epss 0.08

    Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image.

  • CVE-2007-3750Nov 7, 2007
    risk 0.01cvss epss 0.06

    Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor (STSD) atoms in a movie file.

  • CVE-2007-2395Nov 7, 2007
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption."

  • CVE-2007-2396Jul 15, 2007
    risk 0.01cvss epss 0.07

    The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets.

  • CVE-2007-2397Jul 15, 2007
    risk 0.01cvss epss 0.07

    QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.

  • CVE-2007-2393Jul 15, 2007
    risk 0.01cvss epss 0.07

    The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.

  • CVE-2007-2295Apr 26, 2007
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file.

  • CVE-2007-0714Mar 5, 2007
    risk 0.01cvss epss 0.08

    Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value.

  • CVE-2007-0712Mar 5, 2007
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file.

  • CVE-2006-4385Sep 12, 2006
    risk 0.01cvss epss 0.06

    Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image.

  • CVE-2006-4389Sep 12, 2006
    risk 0.01cvss epss 0.07

    Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix (FPX) file, which triggers an exception that leads to an operation on an uninitialized object.

  • CVE-2006-4382Sep 12, 2006
    risk 0.01cvss epss 0.07

    Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie.

  • CVE-2006-2238May 12, 2006
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a…

  • CVE-2006-1463May 12, 2006
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value.

Page 4 of 15