
CVE-2010-3800 – Apple QuickTime PICT directBitsRect Pack3 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3800
07 Dec 2010 — Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file. Apple QuickTime anterior v7.6.9 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria y caída aplicación) a través de un fichero PICT manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User inter... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=882 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2010-3801 – Apple QuickTime FPX Subimage Count Out-of-bounds Counter Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3801
07 Dec 2010 — Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file. Apple QuickTime en versiones anteriores a la 7.6.9 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) mediante un fichero FlashPix manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installation... • http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2010-3802 – Apple QuickTime Panorama Atom Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3802
07 Dec 2010 — Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file. Error de presencia de signo (signedness) de entero en Apple QuickTime anterior v7.6.9 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un atom panorama ... • http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html • CWE-189: Numeric Errors •

CVE-2010-1508 – Apple QuickTime 3GP Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1508
07 Dec 2010 — Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms. Desbordamiento de búfer basado en memoria dinámica en Apple QuickTime anterior v7.6.9 en Windows permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída aplicación) a través del delTrack Header manipualdo (conocido como tkhd). This vulnerability allows r... • http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2010-1818 – Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1818
31 Aug 2010 — The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer. La función IPersistPropertyBag2::Read en QTPlugin.ocx en Apple QuickTime 6.x, 7.x y otras versiones permite a atacantes remotos ejecutar código arbitrario a través del atributo _Marshaled_pUnk, lo que provoca que deserialice un puntero no confiable. This v... • https://www.exploit-db.com/exploits/14843 • CWE-824: Access of Uninitialized Pointer •