Vulnerabilities > Apple > Quicktime > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-12 | CVE-2006-1460 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom. | 5.1 |
| 2006-05-12 | CVE-2006-1459 | Numeric Errors vulnerability in Apple Quicktime Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV). | 5.1 |
| 2006-05-12 | CVE-2006-1458 | Numeric Errors vulnerability in Apple Quicktime 7.0.3/7.0.4 Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image. | 5.1 |
| 2006-05-12 | CVE-2006-1454 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime 7.0.3/7.0.4 Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data. | 5.1 |
| 2006-05-12 | CVE-2006-1453 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information. | 5.1 |
| 2006-03-19 | CVE-2006-1249 | Numeric Errors vulnerability in Apple Itunes and Quicktime Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks. | 6.8 |
| 2005-11-05 | CVE-2005-2756 | Remote Buffer Overflow vulnerability in Apple QuickTime Compressed PICT Data Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion. | 5.1 |
| 2005-11-05 | CVE-2005-2754 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes." | 5.1 |
| 2005-11-05 | CVE-2005-2753 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string. | 5.1 |
| 2005-05-12 | CVE-2005-1579 | Information Disclosure vulnerability in Apple Quicktime 7.0 Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker. | 5.0 |