Every CVE whose affected-product data names Apple Quicktime, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2007-0462 — CVSS 10.0 (critical): The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows…
CVE-2007-6238 — CVSS 10.0 (critical): Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack…
CVE-2011-3428 — CVSS 9.8 (critical): Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code.
CVE-2014-1251 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2014-1250 — CVSS 9.3 (critical): Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code…
CVE-2014-1249 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2014-1248 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2014-1247 — CVSS 9.3 (critical): Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2014-1246 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2014-1245 — CVSS 9.3 (critical): Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2014-1244 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2014-1243 — CVSS 9.3 (critical): Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a…
CVE-2013-1022 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2013-1021 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2013-1020 — CVSS 9.3 (critical): Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted…
CVE-2013-1019 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2013-1018 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2013-1017 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2013-1016 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2013-1015 — CVSS 9.3 (critical): Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a…
CVE-2013-0989 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2013-0988 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2013-0987 — CVSS 9.3 (critical): Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a…
CVE-2013-0986 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2012-3758 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2012-3757 — CVSS 9.3 (critical): Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2012-3756 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2012-3755 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2012-3754 — CVSS 9.3 (critical): Use-after-free vulnerability in the Clear method in the ActiveX control in Apple QuickTime before 7.7.3 allows remote attackers to execute…
CVE-2012-3753 — CVSS 9.3 (critical): Buffer overflow in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2012-3752 — CVSS 9.3 (critical): Multiple buffer overflows in Apple QuickTime before 7.7.3 allow remote attackers to execute arbitrary code or cause a denial of service…
CVE-2012-3751 — CVSS 9.3 (critical): Use-after-free vulnerability in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a…
CVE-2012-0671 — CVSS 9.3 (critical): Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2012-0670 — CVSS 9.3 (critical): Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2012-0669 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2012-0668 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2012-0667 — CVSS 9.3 (critical): Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2012-0666 — CVSS 9.3 (critical): Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or…
CVE-2012-0665 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2012-0664 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial…
CVE-2012-0663 — CVSS 9.3 (critical): Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause…
CVE-2012-0265 — CVSS 9.3 (critical): Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial…
CVE-2011-3251 — CVSS 9.3 (critical): Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2011-3250 — CVSS 9.3 (critical): Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2007-0711 — CVSS 9.3 (critical): Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to…
CVE-2007-0712 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and…
CVE-2011-3249 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2007-0714 — CVSS 9.3 (critical): Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly…
CVE-2011-3248 — CVSS 9.3 (critical): Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2011-3247 — CVSS 9.3 (critical): Integer overflow in Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2011-1374 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2011-0258 — CVSS 9.3 (critical): Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2007-0754 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted…
CVE-2007-2295 — CVSS 9.3 (critical): Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote…
CVE-2007-2296 — CVSS 9.3 (critical): Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to…
CVE-2007-2388 — CVSS 9.3 (critical): Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to…
CVE-2011-0257 — CVSS 9.3 (critical): Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2007-2392 — CVSS 9.3 (critical): Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted…
CVE-2007-2393 — CVSS 9.3 (critical): The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to…
CVE-2007-2394 — CVSS 9.3 (critical): Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary…
CVE-2007-2395 — CVSS 9.3 (critical): Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description…
CVE-2007-2396 — CVSS 9.3 (critical): The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers…
CVE-2007-2397 — CVSS 9.3 (critical): QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security…
CVE-2011-0256 — CVSS 9.3 (critical): Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2007-3750 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample…
CVE-2007-4673 — CVSS 9.3 (critical): Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands…
CVE-2011-0252 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2011-0251 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2007-4707 — CVSS 9.3 (critical): Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary…
CVE-2007-5045 — CVSS 9.3 (critical): Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7…
CVE-2007-6166 — CVSS 9.3 (critical): Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows…
CVE-2009-0952 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2009-0954 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial…
CVE-2014-4979 — CVSS 9.3 (critical): Apple QuickTime allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed version…
CVE-2009-0953 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2011-0250 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2011-0249 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2008-0033 — CVSS 9.3 (critical): Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and…
CVE-2011-0248 — CVSS 9.3 (critical): Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used…
CVE-2008-0234 — CVSS 9.3 (critical): Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers…
CVE-2011-0247 — CVSS 9.3 (critical): Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a…
CVE-2011-0246 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2011-0245 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2010-4009 — CVSS 9.3 (critical): Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2010-3802 — CVSS 9.3 (critical): Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2010-3801 — CVSS 9.3 (critical): Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2010-3800 — CVSS 9.3 (critical): Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2010-1819 — CVSS 9.3 (critical): Untrusted search path vulnerability in the Picture Viewer in Apple QuickTime before 7.6.8 allows local users, and possibly remote…
CVE-2010-1818 — CVSS 9.3 (critical): The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote…
CVE-2010-1799 — CVSS 9.3 (critical): Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to…
CVE-2010-1508 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial…
CVE-2010-0536 — CVSS 9.3 (critical): Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2010-0529 — CVSS 9.3 (critical): Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or…
CVE-2010-0528 — CVSS 9.3 (critical): Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2010-0527 — CVSS 9.3 (critical): Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2009-2799 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2009-2798 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2009-2203 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application…
CVE-2008-2010 — CVSS 9.3 (critical): Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote attackers to execute arbitrary code via a…
CVE-2009-2202 — CVSS 9.3 (critical): Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2008-3615 — CVSS 9.3 (critical): ir50_32.qtx in an unspecified third-party Indeo v5 codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, accesses…
CVE-2009-0957 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2008-3625 — CVSS 9.3 (critical): Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2009-0956 — CVSS 9.3 (critical): Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to…
CVE-2008-3627 — CVSS 9.3 (critical): Apple QuickTime before 7.5.5 does not properly handle (1) MDAT atoms in MP4 video files within QuickTimeH264.qtx, (2) MDAT atoms in mov…
CVE-2008-3628 — CVSS 9.3 (critical): Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash)…
CVE-2009-0955 — CVSS 9.3 (critical): Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted…
CVE-2008-3635 — CVSS 9.3 (critical): Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when…
CVE-2008-4116 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly…
CVE-2008-5406 — CVSS 9.3 (critical): Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service…
CVE-2009-0001 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and…
CVE-2009-0002 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and…
CVE-2009-0003 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and…
CVE-2009-0004 — CVSS 9.3 (critical): Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly…
CVE-2009-0005 — CVSS 9.3 (critical): Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and…
CVE-2009-0006 — CVSS 9.3 (critical): Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and…
CVE-2009-0007 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and…
CVE-2009-0185 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2009-0188 — CVSS 9.3 (critical): Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2009-0951 — CVSS 9.3 (critical): Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2017-2218 — CVSS 7.8 (high): Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privileges via a Trojan horse DLL in…
CVE-2001-0198 — CVSS 7.6 (high): Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter…
CVE-2007-4672 — CVSS 7.6 (high): Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid…
CVE-2006-2238 — CVSS 7.5 (high): Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that…
CVE-2015-5779 — CVSS 7.5 (high): QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2005-2340 — CVSS 7.5 (high): Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime…
CVE-2005-2743 — CVSS 7.5 (high): The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system…
CVE-2003-0168 — CVSS 7.5 (high): Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime…
CVE-2002-0376 — CVSS 7.5 (high): Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field.
CVE-2005-3707 — CVSS 7.5 (high): Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.
CVE-2005-4092 — CVSS 7.5 (high): Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote…
CVE-2008-0778 — CVSS 7.5 (high): Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to…
CVE-2005-3708 — CVSS 7.5 (high): Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.
CVE-2005-3709 — CVSS 7.5 (high): Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute…
CVE-2005-3710 — CVSS 7.5 (high): Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified…
CVE-2005-3711 — CVSS 7.5 (high): Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified (1)…
CVE-2005-3713 — CVSS 7.5 (high): Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a…
CVE-2004-0921 — CVSS 7.5 (high): AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts"…
CVE-2002-0252 — CVSS 7.5 (high): Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a…
CVE-2007-2389 — CVSS 7.1 (high): Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote…
CVE-2007-0588 — CVSS 7.1 (high): The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier…
CVE-2010-3791 — CVSS 6.8 (medium): Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2010-3792 — CVSS 6.8 (medium): Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a…
CVE-2010-3793 — CVSS 6.8 (medium): QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2008-1018 — CVSS 6.8 (medium): Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a…
CVE-2008-1017 — CVSS 6.8 (medium): Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple QuickTime before 7.4.5 allows remote…
CVE-2008-1016 — CVSS 6.8 (medium): Apple QuickTime before 7.4.5 does not properly handle movie media tracks, which allows remote attackers to execute arbitrary code via a…
CVE-2008-1015 — CVSS 6.8 (medium): Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a…
CVE-2011-0209 — CVSS 6.8 (medium): Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2011-0210 — CVSS 6.8 (medium): QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2011-0213 — CVSS 6.8 (medium): Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2008-1013 — CVSS 6.8 (medium): Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute…
CVE-2008-0036 — CVSS 6.8 (medium): Buffer overflow in Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a crafted compressed PICT image, which…
CVE-2007-4706 — CVSS 6.8 (medium): Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file.
CVE-2007-4674 — CVSS 6.8 (medium): An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing…
CVE-2007-0059 — CVSS 6.8 (medium): Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list…
CVE-2007-0015 — CVSS 6.8 (medium): Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI.
CVE-2011-0211 — CVSS 6.8 (medium): Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2008-3626 — CVSS 6.8 (medium): The CallComponentFunctionWithStorage function in Apple QuickTime before 7.5.5 does not properly handle a large entry in the…
CVE-2008-3624 — CVSS 6.8 (medium): Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2008-3614 — CVSS 6.8 (medium): Integer overflow in Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2008-1739 — CVSS 6.8 (medium): Apple QuickTime before 7.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted…
CVE-2008-1585 — CVSS 6.8 (medium): Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in…
CVE-2008-1584 — CVSS 6.8 (medium): Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) or…
CVE-2008-1583 — CVSS 6.8 (medium): Heap-based buffer overflow in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute…
CVE-2008-1582 — CVSS 6.8 (medium): Unspecified vulnerability in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute…
CVE-2008-1581 — CVSS 6.8 (medium): Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows allows remote attackers to cause a denial of service (crash) and…
CVE-2008-1023 — CVSS 6.8 (medium): Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary…
CVE-2008-1022 — CVSS 6.8 (medium): Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted VR movie with…
CVE-2008-1021 — CVSS 6.8 (medium): Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to…
CVE-2008-1020 — CVSS 6.8 (medium): Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code…
CVE-2008-1019 — CVSS 6.8 (medium): Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted…
CVE-2010-3788 — CVSS 6.8 (medium): QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows…
CVE-2010-3789 — CVSS 6.8 (medium): QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-3790 — CVSS 6.8 (medium): QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2006-1249 — CVSS 6.8 (medium): Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via…
CVE-2013-1032 — CVSS 6.8 (medium): QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2015-3661 — CVSS 6.8 (medium): QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute…
CVE-2015-3662 — CVSS 6.8 (medium): QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute…
CVE-2015-3663 — CVSS 6.8 (medium): QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute…
CVE-2015-3664 — CVSS 6.8 (medium): QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3665 — CVSS 6.8 (medium): QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3666 — CVSS 6.8 (medium): QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute…
CVE-2015-3667 — CVSS 6.8 (medium): QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute…
CVE-2015-3668 — CVSS 6.8 (medium): QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute…
CVE-2015-3669 — CVSS 6.8 (medium): QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3713 — CVSS 6.8 (medium): QuickTime in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption)…
CVE-2015-3765 — CVSS 6.8 (medium): QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2015-3779 — CVSS 6.8 (medium): QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2015-3788 — CVSS 6.8 (medium): QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2015-3789 — CVSS 6.8 (medium): QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2015-3790 — CVSS 6.8 (medium): QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2015-3791 — CVSS 6.8 (medium): QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2015-3792 — CVSS 6.8 (medium): QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2015-5751 — CVSS 6.8 (medium): QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2015-5753 — CVSS 6.8 (medium): QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
CVE-2015-5785 — CVSS 6.8 (medium): Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2015-5786 — CVSS 6.8 (medium): Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2015-7085 — CVSS 6.6 (medium): Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…
CVE-2015-7086 — CVSS 6.6 (medium): Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and…