CVE-2006-1460
https://notcve.org/view.php?id=CVE-2006-1460
Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045987.html http://secunia.com/advisories/20069 http://securityreason.com/securityalert/887 http://securitytracker.com/id?1016067 http://secway.org/advisory/AD20060512.txt http://www.securityfocus.com/archive/1/433810/100/0/threaded http://www.securityfocus.com/archive/1/433831/100/0/threaded http://www.securityfocus.com/bid/17953 http://www.us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-1453
https://notcve.org/view.php?id=CVE-2006-1453
Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20069 http://secunia.com/advisories/20077 http://securityreason.com/securityalert/887 http://securitytracker.com/id?1016067 http://securitytracker.com/id?1016075 http://www.securityfocus.com/archive/1/433831/100/0/threaded http://www.securityfocus.com/bid/17951 http://www.securityfocus.com/bid/17953 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-1463 – Apple QuickTime H.264 Parsing Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-1463
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime media player. The specific flaw exists within the parsing of H.264 content. The implicit trust of a user-supplied size value during a memory copy loop allows an attacker to create an exploitable memory corruption condition. Exploitation requires that an attacker either coerce the target to open a malformed media file or visit a website embedding the malicious file. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://secunia.com/advisories/20069 http://securityreason.com/securityalert/888 http://securitytracker.com/id?1016067 http://www.securityfocus.com/archive/1/433828/100/0/threaded http://www.securityfocus.com/bid/17953 http://www.us-cert.gov/cas/techalerts/TA06-132B.html http://www.vupen.com/english/advisories/2006/1778 http://www.zerodayinitiative.com/advisories/ZDI-06-015.html https://exchange.xforce.ibmclou • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-1249
https://notcve.org/view.php?id=CVE-2006-1249
Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://secunia.com/advisories/20069 http://securitytracker.com/id?1016067 http://www.eeye.com/html/research/upcoming/20060307b.html http://www.kb.cert.org/vuls/id/570689 http://www.securityfocus.com/archive/1/433831/100/0/threaded http://www.securityfocus.com/archive/1/433850/100/0/threaded http://www.securityfocus.com/bid/17074 http://www.us-cert.gov/cas/techalerts/TA06-132B.html http://www& • CWE-189: Numeric Errors •
CVE-2005-3709
https://notcve.org/view.php?id=CVE-2005-3709
Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0447.html http://docs.info.apple.com/article.html?artnum=303101 http://secunia.com/advisories/18370 http://securitytracker.com/id?1015464 http://www.osvdb.org/22336 http://www.securityfocus.com/bid/16202 http://www.vupen.com/english/advisories/2006/0128 https://exchange.xforce.ibmcloud.com/vulnerabilities/24058 • CWE-189: Numeric Errors •