U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:apple:quicktime:-
There are 184 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2015-3661

QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.

Published: July 02, 2015; 9:59:20 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-1251

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1250

Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1249

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1248

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1247

Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1246

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1245

Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1244

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1243

Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1819

Untrusted search path vulnerability in the Picture Viewer in Apple QuickTime before 7.6.8 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) CoreVideo.dll, (2) CoreGraphics.dll, or (3) CoreAudioToolbox.dll that is located in the same folder as a .pic image file.

Published: December 26, 2013; 8:55:05 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1022

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted mvhd atoms in a movie file.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1021

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG data in a movie file.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1020

Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG data in a movie file.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1019

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1018

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1017

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted dref atoms in a movie file.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1016

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.263 encoding.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1015

Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TeXML file.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0989

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP3 file.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH