Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption.
Max CVSS
5.8
EPSS Score
9.87%
Published
2008-01-16
Updated
2017-08-08
Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Sorenson 3 video file, which triggers memory corruption.
Max CVSS
5.8
EPSS Score
5.48%
Published
2008-01-16
Updated
2017-08-08
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a QTIF file with a Video Sample Description containing a Color table ID of 0, which triggers memory corruption when QuickTime assumes that a color table exists.
Max CVSS
5.8
EPSS Score
85.52%
Published
2007-03-05
Updated
2018-10-16
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.
Max CVSS
5.8
EPSS Score
7.12%
Published
2007-03-05
Updated
2017-07-29
Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.
Max CVSS
5.8
EPSS Score
5.14%
Published
2007-03-05
Updated
2017-07-29
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT file.
Max CVSS
5.8
EPSS Score
5.14%
Published
2007-03-05
Updated
2017-07-29
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie file.
Max CVSS
5.8
EPSS Score
7.10%
Published
2007-03-05
Updated
2018-10-16
Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain. NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer.
Max CVSS
5.0
EPSS Score
1.98%
Published
2006-09-25
Updated
2018-10-17
Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix (FPX) file, which triggers an exception that leads to an operation on an uninitialized object.
Max CVSS
5.1
EPSS Score
4.35%
Published
2006-09-12
Updated
2018-10-17
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file.
Max CVSS
5.1
EPSS Score
10.71%
Published
2006-09-12
Updated
2018-10-17
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381.
Max CVSS
5.1
EPSS Score
15.67%
Published
2006-09-12
Updated
2018-10-17
Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image.
Max CVSS
5.1
EPSS Score
8.56%
Published
2006-09-12
Updated
2018-10-17
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie.
Max CVSS
5.1
EPSS Score
72.73%
Published
2006-09-12
Updated
2018-10-17
Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie.
Max CVSS
5.1
EPSS Score
13.07%
Published
2006-09-12
Updated
2018-10-17
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie.
Max CVSS
5.1
EPSS Score
37.59%
Published
2006-09-12
Updated
2018-10-17
Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime AVI video format file.
Max CVSS
5.1
EPSS Score
3.07%
Published
2006-05-12
Updated
2018-10-18
Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime MPEG4 (M4P) video format file.
Max CVSS
5.1
EPSS Score
4.44%
Published
2006-05-12
Updated
2018-10-18
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value.
Max CVSS
5.1
EPSS Score
12.82%
Published
2006-05-12
Updated
2018-10-18
Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 (M4V) video format file.
Max CVSS
5.1
EPSS Score
4.33%
Published
2006-05-12
Updated
2018-10-18
Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime Flash (SWF) file.
Max CVSS
5.1
EPSS Score
4.38%
Published
2006-05-12
Updated
2018-10-18
Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom.
Max CVSS
5.1
EPSS Score
79.88%
Published
2006-05-12
Updated
2018-10-18
Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV).
Max CVSS
5.1
EPSS Score
2.38%
Published
2006-05-12
Updated
2018-10-18
Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image.
Max CVSS
5.1
EPSS Score
5.79%
Published
2006-05-12
Updated
2017-07-20
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data.
Max CVSS
5.1
EPSS Score
14.03%
Published
2006-05-12
Updated
2018-10-18
Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information.
Max CVSS
5.1
EPSS Score
13.07%
Published
2006-05-12
Updated
2018-10-18