Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Quicktime
(Apple)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 246 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2007-11-27 | CVE-2007-4674 | An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow. | Quicktime | N/A | ||
| 2007-10-04 | CVE-2007-4673 | Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045. | Quicktime | N/A | ||
| 2007-11-07 | CVE-2007-4672 | Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image. | Quicktime | N/A | ||
| 2007-11-07 | CVE-2007-3750 | Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor (STSD) atoms in a movie file. | Quicktime | N/A | ||
| 2007-07-15 | CVE-2007-2402 | QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets. | Quicktime | N/A | ||
| 2007-07-15 | CVE-2007-2397 | QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets. | Quicktime | N/A | ||
| 2007-07-15 | CVE-2007-2396 | The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets. | Quicktime | N/A | ||
| 2007-11-07 | CVE-2007-2395 | Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption." | Quicktime | N/A | ||
| 2007-07-15 | CVE-2007-2394 | Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation. | Quicktime | N/A | ||
| 2007-07-15 | CVE-2007-2393 | The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution. | Quicktime | N/A |