Page 42 of 230 results (0.017 seconds)

CVSS: 5.1EPSS: 13%CPEs: 23EXPL: 0

CVE-2006-1453

https://notcve.org/view.php?id=CVE-2006-1453

Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20069 http://secunia.com/advisories/20077 http://securityreason.com/securityalert/887 http://securitytracker.com/id?1016067 http://securitytracker.com/id?1016075 http://www.securityfocus.com/archive/1/433831/100/0/threaded http://www.securityfocus.com/bid/17951 http://www.securityfocus.com/bid/17953 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.1EPSS: 12%CPEs: 2EXPL: 0

CVE-2006-1463 – Apple QuickTime H.264 Parsing Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2006-1463

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime media player. The specific flaw exists within the parsing of H.264 content. The implicit trust of a user-supplied size value during a memory copy loop allows an attacker to create an exploitable memory corruption condition. Exploitation requires that an attacker either coerce the target to open a malformed media file or visit a website embedding the malicious file. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://secunia.com/advisories/20069 http://securityreason.com/securityalert/888 http://securitytracker.com/id?1016067 http://www.securityfocus.com/archive/1/433828/100/0/threaded http://www.securityfocus.com/bid/17953 http://www.us-cert.gov/cas/techalerts/TA06-132B.html http://www.vupen.com/english/advisories/2006/1778 http://www.zerodayinitiative.com/advisories/ZDI-06-015.html https://exchange.xforce.ibmclou • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 56%CPEs: 4EXPL: 0

CVE-2006-1249

https://notcve.org/view.php?id=CVE-2006-1249

Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://secunia.com/advisories/20069 http://securitytracker.com/id?1016067 http://www.eeye.com/html/research/upcoming/20060307b.html http://www.kb.cert.org/vuls/id/570689 http://www.securityfocus.com/archive/1/433831/100/0/threaded http://www.securityfocus.com/archive/1/433850/100/0/threaded http://www.securityfocus.com/bid/17074 http://www.us-cert.gov/cas/techalerts/TA06-132B.html http://www& • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 7%CPEs: 4EXPL: 0

CVE-2005-3709

https://notcve.org/view.php?id=CVE-2005-3709

Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0447.html http://docs.info.apple.com/article.html?artnum=303101 http://secunia.com/advisories/18370 http://securitytracker.com/id?1015464 http://www.osvdb.org/22336 http://www.securityfocus.com/bid/16202 http://www.vupen.com/english/advisories/2006/0128 https://exchange.xforce.ibmcloud.com/vulnerabilities/24058 • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 5%CPEs: 4EXPL: 0

CVE-2005-3707

https://notcve.org/view.php?id=CVE-2005-3707

Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0445.html http://docs.info.apple.com/article.html?artnum=303101 http://secunia.com/advisories/18370 http://securitytracker.com/id?1015464 http://www.kb.cert.org/vuls/id/115729 http://www.osvdb.org/22336 http://www.securityfocus.com/bid/16202 http://www.us-cert.gov/cas/techalerts/TA06-011A.html http://www.vupen.com/english/advisories/2006/0128 https://exchange.xforce.ibmcloud.com/vulnerabilities/24056 •