Apple: >> Quicktime >> 7.1.5 Security Vulnerabilities
The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets.
CVSS Score
9.3
EPSS Score
0.291
Published
2007-07-15
QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.
CVSS Score
9.3
EPSS Score
0.383
Published
2007-07-15
QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets.
CVSS Score
4.3
EPSS Score
0.011
Published
2007-07-15
Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file.
CVSS Score
9.3
EPSS Score
0.398
Published
2007-04-26
Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file.
CVSS Score
9.3
EPSS Score
0.336
Published
2007-04-26
Page 18