Total
250 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-2397 | 1 Apple | 1 Quicktime | 2023-12-10 | 9.3 HIGH | N/A |
QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets. | |||||
CVE-2007-2396 | 1 Apple | 1 Quicktime | 2023-12-10 | 9.3 HIGH | N/A |
The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets. | |||||
CVE-2007-0714 | 2 Apple, Microsoft | 3 Mac Os X, Quicktime, Windows | 2023-12-10 | 9.3 HIGH | N/A |
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value. | |||||
CVE-2007-2296 | 1 Apple | 1 Quicktime | 2023-12-10 | 9.3 HIGH | N/A |
Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file. | |||||
CVE-2007-2393 | 1 Apple | 1 Quicktime | 2023-12-10 | 9.3 HIGH | N/A |
The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution. | |||||
CVE-2007-3750 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor (STSD) atoms in a movie file. | |||||
CVE-2007-2395 | 1 Apple | 1 Quicktime | 2023-12-10 | 9.3 HIGH | N/A |
Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption." | |||||
CVE-2007-4673 | 1 Apple | 1 Quicktime | 2023-12-10 | 9.3 HIGH | N/A |
Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045. | |||||
CVE-2007-6238 | 1 Apple | 1 Quicktime | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release advisories with actionable information. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. However, the organization has stated that this is different than CVE-2007-6166. | |||||
CVE-2005-2756 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion. | |||||
CVE-2006-4385 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image. | |||||
CVE-2006-1461 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime Flash (SWF) file. | |||||
CVE-2005-2754 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes." | |||||
CVE-2006-1465 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime AVI video format file. | |||||
CVE-2005-1579 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.0 MEDIUM | N/A |
Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker. | |||||
CVE-2006-4382 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie. | |||||
CVE-2005-3713 | 1 Apple | 1 Quicktime | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block. | |||||
CVE-2006-1462 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 (M4V) video format file. | |||||
CVE-2005-3707 | 1 Apple | 1 Quicktime | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files. | |||||
CVE-2005-3709 | 1 Apple | 1 Quicktime | 2023-12-10 | 7.5 HIGH | N/A |
Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file. |