Total
250 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3624 | 2 Apple, Microsoft | 5 Mac Os X, Quicktime, Windows-nt and 2 more | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted panorama atoms. | |||||
| CVE-2008-1014 | 1 Apple | 1 Quicktime | 2025-04-09 | 4.3 MEDIUM | N/A |
| Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2007-2295 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file. | |||||
| CVE-2009-2203 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file. | |||||
| CVE-2008-1013 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
| Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet. | |||||
| CVE-2008-1584 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted Indeo video codec content in a movie file. | |||||
| CVE-2009-0004 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file. | |||||
| CVE-2008-0033 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with Image Descriptor (IDSC) atoms containing an invalid atom size, which triggers memory corruption. | |||||
| CVE-2009-0003 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure. | |||||
| CVE-2008-2010 | 2 Apple, Microsoft | 3 Quicktime, Windows Vista, Windows Xp | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote attackers to execute arbitrary code via a crafted QuickTime media file. NOTE: as of 20080429, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2007-0715 | 1 Apple | 1 Quicktime | 2025-04-09 | 5.8 MEDIUM | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT file. | |||||
| CVE-2007-2402 | 1 Apple | 1 Quicktime | 2025-04-09 | 4.3 MEDIUM | N/A |
| QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets. | |||||
| CVE-2009-0007 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QuickTime movie file containing invalid image width data in JPEG atoms within STSD atoms. | |||||
| CVE-2007-0711 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2025-04-09 | 9.3 HIGH | N/A |
| Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file. | |||||
| CVE-2007-4673 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
| Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045. | |||||
| CVE-2007-4676 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image. | |||||
| CVE-2008-3625 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted (1) maxTilt, (2) minFieldOfView, and (3) maxFieldOfView elements in panorama track PDAT atoms. | |||||
| CVE-2007-0754 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor (STSD) atom size in a QuickTime movie. | |||||
| CVE-2008-4116 | 1 Apple | 2 Itunes, Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow. | |||||
| CVE-2008-1582 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AAC-encoded file that triggers memory corruption. | |||||