U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:apple:quicktime:6.0.1:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 183 matching records.
Displaying matches 141 through 160.
Vuln ID Summary CVSS Severity
CVE-2008-1018

Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor (aka chan) atom.

Published: April 04, 2008; 1:44:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2008-1019

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted PICT image file, related to an improperly terminated memory copy loop.

Published: April 04, 2008; 1:44:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2008-1020

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file with Kodak encoding, related to error checking and error messages.

Published: April 04, 2008; 1:44:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2008-1021

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding.

Published: April 04, 2008; 1:44:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2008-1022

Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted VR movie with an obji atom of zero size.

Published: April 04, 2008; 1:44:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2008-1023

Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file.

Published: April 04, 2008; 1:44:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2008-0778

Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods.

Published: February 14, 2008; 7:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-0032

Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption.

Published: January 15, 2008; 10:00:00 PM -0500
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2008-0033

Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with Image Descriptor (IDSC) atoms containing an invalid atom size, which triggers memory corruption.

Published: January 15, 2008; 10:00:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2008-0036

Buffer overflow in Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a crafted compressed PICT image, which triggers the overflow during decoding.

Published: January 15, 2008; 10:00:00 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2008-0031

Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Sorenson 3 video file, which triggers memory corruption.

Published: January 15, 2008; 9:00:00 PM -0500
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2007-4706

Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file.

Published: December 14, 2007; 8:46:00 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2007-4707

Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary code or have other unspecified impacts via a crafted QuickTime movie.

Published: December 14, 2007; 8:46:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2007-6166

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.

Published: November 28, 2007; 8:46:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2007-2395

Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption."

Published: November 07, 2007; 6:46:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2007-3750

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor (STSD) atoms in a movie file.

Published: November 07, 2007; 6:46:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2007-3751

Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors.

Published: November 07, 2007; 6:46:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2007-4672

Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image.

Published: November 07, 2007; 6:46:00 PM -0500
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2007-4675

Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR (QuickTime Virtual Reality) movie file containing a large size field in the atom header of a panorama sample atom.

Published: November 07, 2007; 6:46:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2007-4676

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image.

Published: November 07, 2007; 6:46:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH