Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Quicktime
Total 250 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-3800 1 Apple 1 Quicktime 2024-11-21 9.3 HIGH N/A
Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.
CVE-2010-3793 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2024-11-21 6.8 MEDIUM N/A
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Sorenson movie file.
CVE-2010-3792 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2024-11-21 6.8 MEDIUM N/A
Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.
CVE-2010-3791 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2024-11-21 6.8 MEDIUM N/A
Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.
CVE-2010-3790 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2024-11-21 6.8 MEDIUM N/A
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary.
CVE-2010-3789 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2024-11-21 6.8 MEDIUM N/A
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file.
CVE-2010-3788 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2024-11-21 6.8 MEDIUM N/A
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file.
CVE-2010-1819 1 Apple 1 Quicktime 2024-11-21 9.3 HIGH N/A
Untrusted search path vulnerability in the Picture Viewer in Apple QuickTime before 7.6.8 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) CoreVideo.dll, (2) CoreGraphics.dll, or (3) CoreAudioToolbox.dll that is located in the same folder as a .pic image file.
CVE-2010-1818 1 Apple 1 Quicktime 2024-11-21 9.3 HIGH N/A
The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.
CVE-2010-1799 2 Apple, Microsoft 2 Quicktime, Windows 2024-11-21 9.3 HIGH N/A
Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
CVE-2010-1508 2 Apple, Microsoft 2 Quicktime, Windows 2024-11-21 9.3 HIGH N/A
Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.
CVE-2010-0536 2 Apple, Microsoft 4 Quicktime, Windows 7, Windows Vista and 1 more 2024-11-21 9.3 HIGH N/A
Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted BMP image.
CVE-2010-0530 2 Apple, Microsoft 2 Quicktime, Windows 2024-11-21 2.1 LOW N/A
Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.
CVE-2010-0529 2 Apple, Microsoft 4 Quicktime, Windows 7, Windows Vista and 1 more 2024-11-21 9.3 HIGH N/A
Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation.
CVE-2010-0528 2 Apple, Microsoft 4 Quicktime, Windows 7, Windows Vista and 1 more 2024-11-21 9.3 HIGH N/A
Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length value.
CVE-2010-0527 2 Apple, Microsoft 4 Quicktime, Windows 7, Windows Vista and 1 more 2024-11-21 9.3 HIGH N/A
Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.
CVE-2009-2799 1 Apple 1 Quicktime 2024-11-21 9.3 HIGH N/A
Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file.
CVE-2009-2798 1 Apple 1 Quicktime 2024-11-21 9.3 HIGH N/A
Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.
CVE-2009-2203 1 Apple 1 Quicktime 2024-11-21 9.3 HIGH N/A
Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file.
CVE-2009-2202 1 Apple 1 Quicktime 2024-11-21 9.3 HIGH N/A
Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file.