CVSS: 5.1EPSS: 1%CPEs: 7EXPL: 0CVE-2005-2754
https://notcve.org/view.php?id=CVE-2005-2754
Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes." • http://docs.info.apple.com/article.html?artnum=302772 http://pb.specialised.info/all/adv/quicktime-mov-io2-adv.txt http://secunia.com/advisories/17428 http://securitytracker.com/id?1015152 http://www.osvdb.org/20476 http://www.securityfocus.com/archive/1/415709/30/0/threaded http://www.securityfocus.com/bid/15308 http://www.vupen.com/english/advisories/2005/2293 • CWE-189: Numeric Errors •
CVSS: 5.1EPSS: 1%CPEs: 7EXPL: 0CVE-2005-2753
https://notcve.org/view.php?id=CVE-2005-2753
Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string. • http://docs.info.apple.com/article.html?artnum=302772 http://pb.specialised.info/all/adv/quicktime-mov-io1-adv.txt http://secunia.com/advisories/17428 http://securitytracker.com/id?1015152 http://www.osvdb.org/20475 http://www.securityfocus.com/archive/1/415712/30/0/threaded http://www.securityfocus.com/bid/15306 http://www.vupen.com/english/advisories/2005/2293 • CWE-189: Numeric Errors •
CVSS: 5.1EPSS: 6%CPEs: 1EXPL: 0CVE-2004-0431
https://notcve.org/view.php?id=CVE-2004-0431
Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow. Desbordamiento de enteros en Apple QuickTime (QuickTime.qts) anteriores a 6.5.1 permite a atacantes ejecutar código de se elección mediante un "número de entradas" grande en la tabla de datos sample-to-chunk de un fichero de película .mov, lo que lleva un desbordamiento de búfer basado en el montón. • http://lists.apple.com/mhonarc/security-announce/msg00048.html http://marc.info/?l=bugtraq&m=108360110618389&w=2 http://marc.info/?l=ntbugtraq&m=108356485013237&w=2 http://www.kb.cert.org/vuls/id/782958 https://exchange.xforce.ibmcloud.com/vulnerabilities/16026 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2CVE-2003-1414 – Apple QuickTime/Darwin Streaming Server 4.1.x - 'parse_xml.cgi' File Disclosure
https://notcve.org/view.php?id=CVE-2003-1414
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. • https://www.exploit-db.com/exploits/22312 http://securityreason.com/securityalert/3260 http://www.securityfocus.com/archive/1/313517 http://www.securityfocus.com/bid/6990 https://exchange.xforce.ibmcloud.com/vulnerabilities/11446 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1CVE-2003-1413
https://notcve.org/view.php?id=CVE-2003-1413
parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. • http://securityreason.com/securityalert/3260 http://www.securityfocus.com/archive/1/313517 http://www.securityfocus.com/bid/6992 https://exchange.xforce.ibmcloud.com/vulnerabilities/11445 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •