Vulnerabilities > Apple > Quicktime > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-11-16 | CVE-2010-3790 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X, mac OS X Server and Quicktime QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary. | 6.8 |
2010-11-16 | CVE-2010-3789 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X, mac OS X Server and Quicktime QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file. | 6.8 |
2010-11-16 | CVE-2010-3788 | Improper Input Validation vulnerability in Apple mac OS X, mac OS X Server and Quicktime QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file. | 6.8 |
2008-09-11 | CVE-2008-3629 | Resource Management Errors vulnerability in Apple Quicktime Apple QuickTime before 7.5.5 allows remote attackers to cause a denial of service (application crash) via a crafted PICT image that triggers an out-of-bounds read. | 4.3 |
2008-09-11 | CVE-2008-3626 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime The CallComponentFunctionWithStorage function in Apple QuickTime before 7.5.5 does not properly handle a large entry in the sample_size_table in STSZ atoms, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file. | 6.8 |
2008-09-11 | CVE-2008-3624 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted panorama atoms. | 6.8 |
2008-09-11 | CVE-2008-3614 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, which triggers heap corruption. | 6.8 |
2008-09-03 | CVE-2008-1739 | Resource Management Errors vulnerability in Apple Quicktime Apple QuickTime before 7.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted ftyp atoms in a movie file, which triggers memory corruption. | 6.8 |
2008-06-10 | CVE-2008-1585 | Improper Input Validation vulnerability in Apple Quicktime Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote attackers to execute arbitrary programs, as originally demonstrated by crafted file: URLs. | 6.8 |
2008-06-10 | CVE-2008-1584 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted Indeo video codec content in a movie file. | 6.8 |