U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:apple:quicktime:7.5.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 123 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2009-2799

Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file.

Published: September 10, 2009; 5:30:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-2798

Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.

Published: September 10, 2009; 5:30:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-2203

Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file.

Published: September 10, 2009; 5:30:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-2202

Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file.

Published: September 10, 2009; 5:30:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0956

Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie containing a user data atom of size zero.

Published: June 02, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0954

Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types.

Published: June 02, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0953

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.

Published: June 02, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0952

Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image.

Published: June 02, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0951

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC compression file.

Published: June 02, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0188

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.

Published: June 02, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0185

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.

Published: June 02, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0007

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QuickTime movie file containing invalid image width data in JPEG atoms within STSD atoms.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0006

Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0005

Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted H.263 encoded movie file that triggers memory corruption.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0004

Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0003

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0002

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0001

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted RTSP URL.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2008-3628

Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, related to an "invalid pointer issue."

Published: September 10, 2008; 9:13:09 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2008-3627

Apple QuickTime before 7.5.5 does not properly handle (1) MDAT atoms in MP4 video files within QuickTimeH264.qtx, (2) MDAT atoms in mov video files within QuickTimeH264.scalar, and (3) AVC1 atoms in an unknown media type within an unspecified component, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a crafted, H.264 encoded movie file.

Published: September 10, 2008; 9:13:09 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH