Total
250 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-0714 | 2 Apple, Microsoft | 3 Mac Os X, Quicktime, Windows | 2024-11-21 | 9.3 HIGH | N/A |
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value. | |||||
CVE-2007-0713 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.8 MEDIUM | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie file. | |||||
CVE-2007-0712 | 2 Apple, Microsoft | 3 Mac Os X, Quicktime, Windows | 2024-11-21 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file. | |||||
CVE-2007-0711 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2024-11-21 | 9.3 HIGH | N/A |
Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file. | |||||
CVE-2007-0588 | 1 Apple | 2 Mac Os X, Quicktime | 2024-11-21 | 7.1 HIGH | N/A |
The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462. | |||||
CVE-2007-0462 | 1 Apple | 2 Mac Os X, Quicktime | 2024-11-21 | 10.0 HIGH | N/A |
The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB) record, which triggers memory corruption. | |||||
CVE-2007-0059 | 1 Apple | 1 Quicktime | 2024-11-21 | 6.8 MEDIUM | N/A |
Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list filesystem contents via a QuickTime movie (.MOV) with an HREF Track (HREFTrack) that contains an automatic action tag with a local URI, which is executed in a local zone during preview, as exploited by a MySpace worm. | |||||
CVE-2007-0015 | 1 Apple | 1 Quicktime | 2024-11-21 | 6.8 MEDIUM | N/A |
Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI. | |||||
CVE-2006-4965 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.0 MEDIUM | N/A |
Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain. NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer. | |||||
CVE-2006-4389 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.1 MEDIUM | N/A |
Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix (FPX) file, which triggers an exception that leads to an operation on an uninitialized object. | |||||
CVE-2006-4388 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.1 MEDIUM | N/A |
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file. | |||||
CVE-2006-4386 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.1 MEDIUM | N/A |
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381. | |||||
CVE-2006-4385 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.1 MEDIUM | N/A |
Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image. | |||||
CVE-2006-4384 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.1 MEDIUM | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie. | |||||
CVE-2006-4382 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.1 MEDIUM | N/A |
Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie. | |||||
CVE-2006-4381 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.1 MEDIUM | N/A |
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie. | |||||
CVE-2006-2238 | 1 Apple | 1 Quicktime | 2024-11-21 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier because it is a distinct issue. | |||||
CVE-2006-1465 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.1 MEDIUM | N/A |
Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime AVI video format file. | |||||
CVE-2006-1464 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.1 MEDIUM | N/A |
Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime MPEG4 (M4P) video format file. | |||||
CVE-2006-1463 | 1 Apple | 1 Quicktime | 2024-11-21 | 5.1 MEDIUM | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value. |