CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 0CVE-2005-2754
https://notcve.org/view.php?id=CVE-2005-2754
05 Nov 2005 — Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes." • http://docs.info.apple.com/article.html?artnum=302772 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 0CVE-2005-2753
https://notcve.org/view.php?id=CVE-2005-2753
05 Nov 2005 — Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string. • http://docs.info.apple.com/article.html?artnum=302772 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 2%CPEs: 7EXPL: 0CVE-2005-2756
https://notcve.org/view.php?id=CVE-2005-2756
05 Nov 2005 — Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion. • http://docs.info.apple.com/article.html?artnum=302772 •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2005-2743
https://notcve.org/view.php?id=CVE-2005-2743
25 Oct 2005 — The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code. • http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html •
CVSS: 6.2EPSS: 2%CPEs: 1EXPL: 0CVE-2005-1579
https://notcve.org/view.php?id=CVE-2005-1579
12 May 2005 — Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker. • http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0265.html •
CVSS: 8.1EPSS: 0%CPEs: 35EXPL: 0CVE-2004-0922
https://notcve.org/view.php?id=CVE-2004-0922
28 Oct 2004 — AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html •
CVSS: 7.5EPSS: 0%CPEs: 35EXPL: 0CVE-2004-0921
https://notcve.org/view.php?id=CVE-2004-0921
28 Oct 2004 — AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2004-0988
https://notcve.org/view.php?id=CVE-2004-0988
28 Oct 2004 — Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00001.html •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2004-0431
https://notcve.org/view.php?id=CVE-2004-0431
06 May 2004 — Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow. Desbordamiento de enteros en Apple QuickTime (QuickTime.qts) anteriores a 6.5.1 permite a atacantes ejecutar código de se elección mediante un "número de entradas" grande en la tabla de datos sample-to-chunk de un fichero de película .mov, lo que lleva un desborda... • http://lists.apple.com/mhonarc/security-announce/msg00048.html •
CVSS: 9.8EPSS: 32%CPEs: 2EXPL: 1CVE-2003-0168
https://notcve.org/view.php?id=CVE-2003-0168
01 Apr 2003 — Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL. Apple QuickTime Player 5.x y 6.0 para Windows, permiten a atacantes remotos la ejecución arbitraria de código mediante una URL QuickTime adecuada. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0166.html •