National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:apple:quicktime:7.4.0:-:windows
There are 136 matching records.
Displaying matches 121 through 136.
Vuln ID Summary CVSS Severity
CVE-2008-1581

Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted packed scanlines in PixData structures in a PICT image.

Published: June 10, 2008; 02:32:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1583

Heap-based buffer overflow in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT image, a different vulnerability than CVE-2008-1581.

Published: June 10, 2008; 02:32:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1584

Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted Indeo video codec content in a movie file.

Published: June 10, 2008; 02:32:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1585

Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote attackers to execute arbitrary programs, as originally demonstrated by crafted file: URLs.

Published: June 10, 2008; 02:32:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1013

Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1014

Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 4.3 MEDIUM
CVE-2008-1015

Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1016

Apple QuickTime before 7.4.5 does not properly handle movie media tracks, which allows remote attackers to execute arbitrary code via a crafted movie that triggers memory corruption.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1017

Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1018

Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor (aka chan) atom.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1019

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted PICT image file, related to an improperly terminated memory copy loop.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1020

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file with Kodak encoding, related to error checking and error messages.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1021

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1022

Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted VR movie with an obji atom of zero size.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-1023

Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file.

Published: April 04, 2008; 01:44:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2008-0778

Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods.

Published: February 14, 2008; 07:00:00 AM -05:00
V2: 7.5 HIGH