U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:apple:quicktime:7.5.5:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 129 matching records.
Displaying matches 121 through 129.
Vuln ID Summary CVSS Severity
CVE-2009-0006

Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0005

Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted H.263 encoded movie file that triggers memory corruption.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0004

Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0003

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0002

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0001

Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted RTSP URL.

Published: January 21, 2009; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2008-5406

Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a MOV file with "long arguments," related to an "off by one overflow."

Published: December 10, 2008; 1:44:42 AM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2008-4116

Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow.

Published: September 18, 2008; 11:04:27 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2008-2010

Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote attackers to execute arbitrary code via a crafted QuickTime media file. NOTE: as of 20080429, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published: April 29, 2008; 8:10:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH