CVSS: 8.8EPSS: 94%CPEs: 2EXPL: 0CVE-2005-4092
https://notcve.org/view.php?id=CVE-2005-4092
08 Dec 2005 — Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally... • http://docs.info.apple.com/article.html?artnum=303101 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-2938
https://notcve.org/view.php?id=CVE-2005-2938
18 Nov 2005 — Unquoted Windows search path vulnerability in iTunesHelper.exe in iTunes 4.7.1.30 and iTunes 5 for Windows might allow local users to gain privileges via a malicious C:\program.exe file. • http://securitytracker.com/id?1015222 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 3%CPEs: 5EXPL: 0CVE-2005-1248
https://notcve.org/view.php?id=CVE-2005-1248
16 May 2005 — Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file. • http://docs.info.apple.com/article.html?artnum=301596 •
CVSS: 9.8EPSS: 72%CPEs: 1EXPL: 3CVE-2005-0043 – Apple iTunes - Playlist Parsing Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-0043
19 Jan 2005 — Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files. • https://www.exploit-db.com/exploits/758 •