Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Quicktime  >> 6.5  Security Vulnerabilities
CVE-2008-1017
Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie.
CVSS Score
6.8
EPSS Score
0.262
Published
2008-04-04
CVE-2008-1018
Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor (aka chan) atom.
CVSS Score
6.8
EPSS Score
0.406
Published
2008-04-04
CVE-2008-1019
Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted PICT image file, related to an improperly terminated memory copy loop.
CVSS Score
6.8
EPSS Score
0.439
Published
2008-04-04
CVE-2008-1020
Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file with Kodak encoding, related to error checking and error messages.
CVSS Score
6.8
EPSS Score
0.439
Published
2008-04-04
CVE-2008-1021
Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding.
CVSS Score
6.8
EPSS Score
0.205
Published
2008-04-04
CVE-2008-1022
Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted VR movie with an obji atom of zero size.
CVSS Score
6.8
EPSS Score
0.439
Published
2008-04-04
CVE-2008-1023
Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file.
CVSS Score
6.8
EPSS Score
0.046
Published
2008-04-04
CVE-2008-0778
Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods.
CVSS Score
7.5
EPSS Score
0.221
Published
2008-02-14
CVE-2008-0032
Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption.
CVSS Score
5.8
EPSS Score
0.062
Published
2008-01-16
CVE-2008-0033
Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with Image Descriptor (IDSC) atoms containing an invalid atom size, which triggers memory corruption.
CVSS Score
9.3
EPSS Score
0.336
Published
2008-01-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved