Apple

Quicktime

246 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2007-5045

  • EPSS 1.8%
  • Published 24.09.2007 00:17:00
  • Last modified 09.04.2025 00:30:58

Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XM...

9.3

CVE-2007-2392

  • EPSS 10.44%
  • Published 15.07.2007 21:30:00
  • Last modified 09.04.2025 00:30:58

Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption.

9.3

CVE-2007-2393

  • EPSS 11.78%
  • Published 15.07.2007 21:30:00
  • Last modified 09.04.2025 00:30:58

The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.

9.3

CVE-2007-2394

  • EPSS 48.81%
  • Published 15.07.2007 21:30:00
  • Last modified 09.04.2025 00:30:58

Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allo...

9.3

CVE-2007-2396

  • EPSS 29.1%
  • Published 15.07.2007 21:30:00
  • Last modified 09.04.2025 00:30:58

The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets.

9.3

CVE-2007-2397

  • EPSS 38.25%
  • Published 15.07.2007 21:30:00
  • Last modified 09.04.2025 00:30:58

QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.

4.3

CVE-2007-2402

  • EPSS 1.17%
  • Published 15.07.2007 21:30:00
  • Last modified 09.04.2025 00:30:58

QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets.

9.3

CVE-2007-2388

  • EPSS 6.68%
  • Published 29.05.2007 21:30:00
  • Last modified 09.04.2025 00:30:58

Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be ...

7.1

CVE-2007-2389

  • EPSS 0.66%
  • Published 29.05.2007 21:30:00
  • Last modified 09.04.2025 00:30:58

Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets.

9.3

CVE-2007-0754

  • EPSS 9.63%
  • Published 14.05.2007 21:19:00
  • Last modified 09.04.2025 00:30:58

Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor (STSD) atom size in a QuickTime movie.