Quicktime
by Apple Inc.
CVEs (288)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-3722 | 0.00 | — | 0.03 | Sep 20, 2012 | The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with… | |||
| CVE-2012-0671 | 0.00 | — | 0.05 | May 16, 2012 | Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file. | |||
| CVE-2012-0670 | 0.00 | — | 0.05 | May 16, 2012 | Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted sean atom in a movie file. | |||
| CVE-2012-0669 | 0.00 | — | 0.05 | May 16, 2012 | Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding. | |||
| CVE-2012-0668 | 0.00 | — | 0.05 | May 16, 2012 | Buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding. | |||
| CVE-2012-0667 | 0.00 | — | 0.03 | May 16, 2012 | Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file. | |||
| CVE-2012-0666 | 0.00 | — | 0.04 | May 16, 2012 | Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTMovie object. | |||
| CVE-2012-0665 | 0.00 | — | 0.04 | May 16, 2012 | Heap-based buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | |||
| CVE-2012-0664 | 0.00 | — | 0.06 | May 16, 2012 | Heap-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted text track in a movie file. | |||
| CVE-2012-0265 | 0.00 | — | 0.05 | May 16, 2012 | Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pathname for a file. | |||
| CVE-2012-0661 | 0.00 | — | 0.03 | May 11, 2012 | Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding. | |||
| CVE-2012-0660 | 0.00 | — | 0.03 | May 11, 2012 | Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. | |||
| CVE-2012-0659 | 0.00 | — | 0.03 | May 11, 2012 | Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. | |||
| CVE-2012-0658 | 0.00 | — | 0.04 | May 11, 2012 | Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded. | |||
| CVE-2011-3460 | 0.00 | — | 0.04 | Feb 2, 2012 | Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PNG file. | |||
| CVE-2011-3459 | 0.00 | — | 0.03 | Feb 2, 2012 | Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rdrf atom in a movie file that triggers a buffer overflow. | |||
| CVE-2011-3458 | 0.00 | — | 0.03 | Feb 2, 2012 | QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 file. | |||
| CVE-2011-3251 | 0.00 | — | 0.04 | Oct 28, 2011 | Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted TKHD atoms in a QuickTime movie file. | |||
| CVE-2011-3250 | 0.00 | — | 0.05 | Oct 28, 2011 | Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding. | |||
| CVE-2011-3249 | 0.00 | — | 0.05 | Oct 28, 2011 | Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding. |
- CVE-2012-3722Sep 20, 2012risk 0.00cvss —epss 0.03
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with…
- CVE-2012-0671May 16, 2012risk 0.00cvss —epss 0.05
Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file.
- CVE-2012-0670May 16, 2012risk 0.00cvss —epss 0.05
Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted sean atom in a movie file.
- CVE-2012-0669May 16, 2012risk 0.00cvss —epss 0.05
Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.
- CVE-2012-0668May 16, 2012risk 0.00cvss —epss 0.05
Buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding.
- CVE-2012-0667May 16, 2012risk 0.00cvss —epss 0.03
Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file.
- CVE-2012-0666May 16, 2012risk 0.00cvss —epss 0.04
Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTMovie object.
- CVE-2012-0665May 16, 2012risk 0.00cvss —epss 0.04
Heap-based buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
- CVE-2012-0664May 16, 2012risk 0.00cvss —epss 0.06
Heap-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted text track in a movie file.
- CVE-2012-0265May 16, 2012risk 0.00cvss —epss 0.05
Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pathname for a file.
- CVE-2012-0661May 11, 2012risk 0.00cvss —epss 0.03
Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.
- CVE-2012-0660May 11, 2012risk 0.00cvss —epss 0.03
Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.
- CVE-2012-0659May 11, 2012risk 0.00cvss —epss 0.03
Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.
- CVE-2012-0658May 11, 2012risk 0.00cvss —epss 0.04
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded.
- CVE-2011-3460Feb 2, 2012risk 0.00cvss —epss 0.04
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PNG file.
- CVE-2011-3459Feb 2, 2012risk 0.00cvss —epss 0.03
Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rdrf atom in a movie file that triggers a buffer overflow.
- CVE-2011-3458Feb 2, 2012risk 0.00cvss —epss 0.03
QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 file.
- CVE-2011-3251Oct 28, 2011risk 0.00cvss —epss 0.04
Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted TKHD atoms in a QuickTime movie file.
- CVE-2011-3250Oct 28, 2011risk 0.00cvss —epss 0.05
Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.
- CVE-2011-3249Oct 28, 2011risk 0.00cvss —epss 0.05
Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding.
Page 8 of 15