The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect.
Max CVSS
4.3
EPSS Score
0.45%
Published
2011-03-23
Updated
2011-10-21
Apple QuickTime before 7.5.5 allows remote attackers to cause a denial of service (application crash) via a crafted PICT image that triggers an out-of-bounds read.
Max CVSS
4.3
EPSS Score
1.84%
Published
2008-09-11
Updated
2018-10-30
Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information.
Max CVSS
4.3
EPSS Score
0.60%
Published
2008-04-04
Updated
2017-08-08
QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets.
Max CVSS
4.3
EPSS Score
0.85%
Published
2007-07-15
Updated
2018-10-30
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!