U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:apple:quicktime:7.7.2:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 69 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2015-3663

QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.

Published: July 02, 2015; 9:59:22 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3662

QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.

Published: July 02, 2015; 9:59:21 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3661

QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.

Published: July 02, 2015; 9:59:20 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-4979

Apple QuickTime allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed version number and flags in an mvhd atom.

Published: July 26, 2014; 7:11:57 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1251

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1250

Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1249

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1248

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1247

Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1246

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1245

Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1244

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-1243

Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.

Published: February 26, 2014; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1032

QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTime movie file.

Published: September 16, 2013; 9:02:32 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-1022

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted mvhd atoms in a movie file.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1021

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG data in a movie file.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1020

Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG data in a movie file.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1019

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1018

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1017

Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted dref atoms in a movie file.

Published: May 24, 2013; 12:43:58 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH