Filtered by vendor Apple
Subscriptions
Filtered by product Quicktime
Subscriptions
Total
250 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0956 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie containing a user data atom of size zero. | ||||
| CVE-2009-2203 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file. | ||||
| CVE-2007-2295 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file. | ||||
| CVE-2007-2397 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets. | ||||
| CVE-2007-0462 | 1 Apple | 2 Mac Os X, Quicktime | 2025-04-09 | N/A |
| The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB) record, which triggers memory corruption. | ||||
| CVE-2009-0951 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC compression file. | ||||
| CVE-2009-0002 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms. | ||||
| CVE-2009-0003 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure. | ||||
| CVE-2008-4116 | 1 Apple | 2 Itunes, Quicktime | 2025-04-09 | N/A |
| Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow. | ||||
| CVE-2008-0234 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message. | ||||
| CVE-2008-1584 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted Indeo video codec content in a movie file. | ||||
| CVE-2008-1585 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote attackers to execute arbitrary programs, as originally demonstrated by crafted file: URLs. | ||||
| CVE-2007-0059 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list filesystem contents via a QuickTime movie (.MOV) with an HREF Track (HREFTrack) that contains an automatic action tag with a local URI, which is executed in a local zone during preview, as exploited by a MySpace worm. | ||||
| CVE-2007-3750 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor (STSD) atoms in a movie file. | ||||
| CVE-2008-0031 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Sorenson 3 video file, which triggers memory corruption. | ||||
| CVE-2008-0033 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with Image Descriptor (IDSC) atoms containing an invalid atom size, which triggers memory corruption. | ||||
| CVE-2008-1581 | 2 Apple, Microsoft | 3 Quicktime, Windows Vista, Windows Xp | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted packed scanlines in PixData structures in a PICT image. | ||||
| CVE-2007-4673 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045. | ||||
| CVE-2007-4674 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow. | ||||
| CVE-2007-0711 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2025-04-09 | N/A |
| Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file. | ||||