U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:apple:quicktime:7.71.80.42:*:*:*:*:*:*:*
There are 9 matching records.
Displaying matches 1 through 9.
Vuln ID Summary CVSS Severity
CVE-2014-1251

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2014-1250

Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2014-1249

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image.

Published: February 26, 2014; 8:55:03 PM -0500 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2014-1248

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2014-1247

Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2014-1246

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2014-1245

Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2014-1244

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

Published: February 26, 2014; 8:55:03 PM -0500 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2014-1243

Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500 		V3.x:(not available)
 V2.0: 9.3 HIGH