Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-4706 |
Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file. Published: December 14, 2007; 8:46:00 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2007-4707 |
Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary code or have other unspecified impacts via a crafted QuickTime movie. Published: December 14, 2007; 8:46:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-6238 |
Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release advisories with actionable information. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. However, the organization has stated that this is different than CVE-2007-6166. Published: December 04, 2007; 1:46:00 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2007-6166 |
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. Published: November 28, 2007; 8:46:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-4674 |
An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow. Published: November 27, 2007; 3:46:00 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2007-2395 |
Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption." Published: November 07, 2007; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-3750 |
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor (STSD) atoms in a movie file. Published: November 07, 2007; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-3751 |
Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors. Published: November 07, 2007; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-4672 |
Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image. Published: November 07, 2007; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 7.6 HIGH |
CVE-2007-4675 |
Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR (QuickTime Virtual Reality) movie file containing a large size field in the atom header of a panorama sample atom. Published: November 07, 2007; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-4676 |
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image. Published: November 07, 2007; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-4677 |
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values. Published: November 07, 2007; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-4673 |
Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045. Published: October 04, 2007; 7:17:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |