CVSS: 9.8EPSS: 27%CPEs: 4EXPL: 0CVE-2006-1249
https://notcve.org/view.php?id=CVE-2006-1249
19 Mar 2006 — Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 3%CPEs: 4EXPL: 0CVE-2005-3708
https://notcve.org/view.php?id=CVE-2005-3708
31 Dec 2005 — Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files. • http://docs.info.apple.com/article.html?artnum=303101 •
CVSS: 8.8EPSS: 5%CPEs: 4EXPL: 0CVE-2005-3711
https://notcve.org/view.php?id=CVE-2005-3711
31 Dec 2005 — Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified (1) "strips" (StripByteCounts) or (2) "bands" (StripOffsets) values. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0442.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 16%CPEs: 4EXPL: 0CVE-2005-3707
https://notcve.org/view.php?id=CVE-2005-3707
31 Dec 2005 — Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0445.html •
CVSS: 8.8EPSS: 39%CPEs: 4EXPL: 0CVE-2005-3713
https://notcve.org/view.php?id=CVE-2005-3713
31 Dec 2005 — Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0401.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 64%CPEs: 4EXPL: 2CVE-2005-2340 – Apple QuickTime 6.4/6.5/7.0.x - PictureViewer '.JPEG'/.PICT' File Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2340
31 Dec 2005 — Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field. • https://www.exploit-db.com/exploits/27069 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 4EXPL: 0CVE-2005-3709
https://notcve.org/view.php?id=CVE-2005-3709
31 Dec 2005 — Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0447.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 32%CPEs: 4EXPL: 0CVE-2005-3710
https://notcve.org/view.php?id=CVE-2005-3710
31 Dec 2005 — Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0440.html • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 44%CPEs: 2EXPL: 0CVE-2005-4092
https://notcve.org/view.php?id=CVE-2005-4092
08 Dec 2005 — Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally... • http://docs.info.apple.com/article.html?artnum=303101 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 1%CPEs: 7EXPL: 0CVE-2005-2755
https://notcve.org/view.php?id=CVE-2005-2755
05 Nov 2005 — Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service (crash) via a crafted file with a missing movie attribute, which leads to a null dereference. • http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0102.html •