Page 42 of 231 results (0.008 seconds)

CVSS: 5.1EPSS: 7%CPEs: 2EXPL: 0

CVE-2006-1458

https://notcve.org/view.php?id=CVE-2006-1458

Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://secunia.com/advisories/20069 http://securitytracker.com/id?1016067 http://www.kb.cert.org/vuls/id/289705 http://www.securityfocus.com/bid/17953 http://www.us-cert.gov/cas/techalerts/TA06-132B.html http://www.vupen.com/english/advisories/2006/1778 https://exchange.xforce.ibmcloud.com/vulnerabilities/26391 • CWE-189: Numeric Errors •

CVSS: 5.1EPSS: 79%CPEs: 5EXPL: 0

CVE-2006-1460

https://notcve.org/view.php?id=CVE-2006-1460

Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045987.html http://secunia.com/advisories/20069 http://securityreason.com/securityalert/887 http://securitytracker.com/id?1016067 http://secway.org/advisory/AD20060512.txt http://www.securityfocus.com/archive/1/433810/100/0/threaded http://www.securityfocus.com/archive/1/433831/100/0/threaded http://www.securityfocus.com/bid/17953 http://www.us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.1EPSS: 12%CPEs: 2EXPL: 0

CVE-2006-1463 – Apple QuickTime H.264 Parsing Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2006-1463

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime media player. The specific flaw exists within the parsing of H.264 content. The implicit trust of a user-supplied size value during a memory copy loop allows an attacker to create an exploitable memory corruption condition. Exploitation requires that an attacker either coerce the target to open a malformed media file or visit a website embedding the malicious file. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://secunia.com/advisories/20069 http://securityreason.com/securityalert/888 http://securitytracker.com/id?1016067 http://www.securityfocus.com/archive/1/433828/100/0/threaded http://www.securityfocus.com/bid/17953 http://www.us-cert.gov/cas/techalerts/TA06-132B.html http://www.vupen.com/english/advisories/2006/1778 http://www.zerodayinitiative.com/advisories/ZDI-06-015.html https://exchange.xforce.ibmclou • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 56%CPEs: 4EXPL: 0

CVE-2006-1249

https://notcve.org/view.php?id=CVE-2006-1249

Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://secunia.com/advisories/20069 http://securitytracker.com/id?1016067 http://www.eeye.com/html/research/upcoming/20060307b.html http://www.kb.cert.org/vuls/id/570689 http://www.securityfocus.com/archive/1/433831/100/0/threaded http://www.securityfocus.com/archive/1/433850/100/0/threaded http://www.securityfocus.com/bid/17074 http://www.us-cert.gov/cas/techalerts/TA06-132B.html http://www& • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 7%CPEs: 4EXPL: 0

CVE-2005-3709

https://notcve.org/view.php?id=CVE-2005-3709

Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0447.html http://docs.info.apple.com/article.html?artnum=303101 http://secunia.com/advisories/18370 http://securitytracker.com/id?1015464 http://www.osvdb.org/22336 http://www.securityfocus.com/bid/16202 http://www.vupen.com/english/advisories/2006/0128 https://exchange.xforce.ibmcloud.com/vulnerabilities/24058 • CWE-189: Numeric Errors •