U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:apple:quicktime:7.1.0:-:mac:*:*:*:*:*
  • CPE Name Search: true
There are 171 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2011-0245

Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file.

Published: August 03, 2011; 10:45:31 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2011-0211

Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

Published: June 24, 2011; 4:55:02 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-0210

QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.

Published: June 24, 2011; 4:55:02 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-0209

Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.

Published: June 24, 2011; 4:55:02 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-0187

The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect.

Published: March 22, 2011; 10:00:05 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2011-0186

QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.

Published: March 22, 2011; 10:00:05 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-4009

Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

Published: December 09, 2010; 3:00:17 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-3802

Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file.

Published: December 09, 2010; 3:00:17 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-3801

Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file.

Published: December 09, 2010; 3:00:17 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-3800

Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.

Published: December 09, 2010; 3:00:17 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1508

Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.

Published: December 09, 2010; 3:00:16 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-0530

Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.

Published: December 09, 2010; 3:00:16 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2010-3793

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Sorenson movie file.

Published: November 16, 2010; 5:00:16 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-3792

Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.

Published: November 16, 2010; 5:00:16 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-3791

Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.

Published: November 16, 2010; 5:00:16 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-3790

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary.

Published: November 16, 2010; 5:00:16 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-3789

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file.

Published: November 16, 2010; 5:00:16 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-3788

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file.

Published: November 16, 2010; 5:00:16 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-1818

The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.

Published: August 31, 2010; 4:00:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1799

Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

Published: August 16, 2010; 2:39:40 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH