Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Quicktime  >> 6.5  Security Vulnerabilities
CVE-2007-4676
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image.
CVSS Score
9.3
EPSS Score
0.697
Published
2007-11-07
CVE-2007-4677
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values.
CVSS Score
9.3
EPSS Score
0.7
Published
2007-11-07
CVE-2007-5045
Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter containing the Firefox "-chrome" argument. NOTE: this is a related issue to CVE-2006-4965 and the result of an incomplete fix for CVE-2007-3670.
CVSS Score
9.3
EPSS Score
0.018
Published
2007-09-24
CVE-2007-0754
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor (STSD) atom size in a QuickTime movie.
CVSS Score
9.3
EPSS Score
0.096
Published
2007-05-14
CVE-2007-0059
Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list filesystem contents via a QuickTime movie (.MOV) with an HREF Track (HREFTrack) that contains an automatic action tag with a local URI, which is executed in a local zone during preview, as exploited by a MySpace worm.
CVSS Score
6.8
EPSS Score
0.115
Published
2007-01-05
CVE-2006-4381
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie.
CVSS Score
5.1
EPSS Score
0.091
Published
2006-09-12
CVE-2006-4382
Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie.
CVSS Score
5.1
EPSS Score
0.285
Published
2006-09-12
CVE-2006-4384
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie.
CVSS Score
5.1
EPSS Score
0.42
Published
2006-09-12
CVE-2006-4385
Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image.
CVSS Score
5.1
EPSS Score
0.266
Published
2006-09-12
CVE-2006-4386
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381.
CVSS Score
5.1
EPSS Score
0.296
Published
2006-09-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved