Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Quicktime
(Apple)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 246 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2007-07-15 | CVE-2007-2402 | QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets. | Quicktime | N/A | ||
| 2007-07-15 | CVE-2007-2397 | QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets. | Quicktime | N/A | ||
| 2007-07-15 | CVE-2007-2396 | The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets. | Quicktime | N/A | ||
| 2007-11-07 | CVE-2007-2395 | Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption." | Quicktime | N/A | ||
| 2007-07-15 | CVE-2007-2394 | Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation. | Quicktime | N/A | ||
| 2007-07-15 | CVE-2007-2393 | The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution. | Quicktime | N/A | ||
| 2007-07-15 | CVE-2007-2392 | Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption. | Quicktime | N/A | ||
| 2007-05-29 | CVE-2007-2389 | Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets. | Quicktime | N/A | ||
| 2007-05-29 | CVE-2007-2388 | Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations. | Quicktime | N/A | ||
| 2007-04-26 | CVE-2007-2296 | Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file. | Quicktime | N/A |