Vulnerabilities > Apple > Quicktime > 7.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-07 | CVE-2007-2395 | Remote Memory Corruption vulnerability in Apple QuickTime Image Description Atom Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption." | 9.3 |
2007-09-24 | CVE-2007-5045 | Code Injection vulnerability in multiple products Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter containing the Firefox "-chrome" argument. | 9.3 |
2007-07-15 | CVE-2007-2402 | Information Exposure vulnerability in Apple Quicktime QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets. | 4.3 |
2007-07-15 | CVE-2007-2397 | Code Execution vulnerability in Apple QuickTime QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets. | 9.3 |
2007-07-15 | CVE-2007-2396 | Code Execution vulnerability in Apple QuickTime The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets. | 9.3 |
2007-07-15 | CVE-2007-2394 | Code Execution vulnerability in Apple QuickTime Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation. | 9.3 |
2007-07-15 | CVE-2007-2393 | Code Execution vulnerability in Apple QuickTime The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution. | 9.3 |
2007-07-15 | CVE-2007-2392 | Code Execution vulnerability in Apple QuickTime Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption. | 9.3 |
2007-05-14 | CVE-2007-0754 | Buffer Overflow vulnerability in Apple QuickTime MOV File STSD Heap Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor (STSD) atom size in a QuickTime movie. | 9.3 |
2007-04-26 | CVE-2007-2296 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file. | 9.3 |