Apple Quicktime vulnerabilities
235 known vulnerabilities affecting apple/quicktime.
Total CVEs
235
CISA KEV
0
Public exploits
23
Exploited in wild
0
Severity breakdown
CRITICAL118HIGH20MEDIUM95LOW2
Vulnerabilities
Page 5 of 12
CVE-2011-0250CRITICALCVSS 9.3≤ 7.6.9v3.0+52 more2011-08-04
CVE-2011-0250 [CRITICAL] CWE-119 CVE-2011-0250: Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrar
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.
nvd
CVE-2011-0251CRITICALCVSS 9.3≤ 7.6.9v3.0+52 more2011-08-04
CVE-2011-0251 [CRITICAL] CWE-119 CVE-2011-0251: Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrar
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file.
nvd
CVE-2011-0248CRITICALCVSS 9.3≤ 7.6.9v3.0+52 more2011-08-04
CVE-2011-0248 [CRITICAL] CWE-119 CVE-2011-0248: Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Window
Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTL file.
nvd
CVE-2011-0246CRITICALCVSS 9.3≤ 7.6.9v3.0+52 more2011-08-04
CVE-2011-0246 [CRITICAL] CWE-119 CVE-2011-0246: Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execu
Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.
nvd
CVE-2011-0249CRITICALCVSS 9.3≤ 7.6.9v3.0+52 more2011-08-04
CVE-2011-0249 [CRITICAL] CWE-119 CVE-2011-0249: Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrar
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSC atoms in a QuickTime movie file.
nvd
CVE-2011-0245CRITICALCVSS 9.3≤ 7.6.9v7.0.0+30 more2011-08-04
CVE-2011-0245 [CRITICAL] CWE-119 CVE-2011-0245: Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or c
Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file.
nvd
CVE-2011-0247CRITICALCVSS 9.3≤ 7.6.9v3.0+52 more2011-08-04
CVE-2011-0247 [CRITICAL] CWE-119 CVE-2011-0247: Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attacker
Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.
nvd
CVE-2011-0252CRITICALCVSS 9.3≤ 7.6.9v7.0.0+30 more2011-08-04
CVE-2011-0252 [CRITICAL] CWE-119 CVE-2011-0252: Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrar
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STTS atoms in a QuickTime movie file.
nvd
CVE-2011-0213MEDIUMCVSS 6.8fixed in 7.7.02011-06-24
CVE-2011-0213 [MEDIUM] CWE-120 CVE-2011-0213: Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbi
Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file.
nvd
CVE-2011-0211MEDIUMCVSS 6.8fixed in 7.7.02011-06-24
CVE-2011-0211 [MEDIUM] CWE-190 CVE-2011-0211: Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arb
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
nvd
CVE-2011-0209MEDIUMCVSS 6.8fixed in 7.7.02011-06-24
CVE-2011-0209 [MEDIUM] CWE-190 CVE-2011-0209: Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arb
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.
nvd
CVE-2011-0210MEDIUMCVSS 6.8fixed in 7.7.02011-06-24
CVE-2011-0210 [MEDIUM] CWE-787 CVE-2011-0210: QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause
QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.
nvd
CVE-2011-0187MEDIUMCVSS 4.3fixed in 7.7.02011-03-23
CVE-2011-0187 [MEDIUM] CVE-2011-0187: The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same
The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect.
nvd
CVE-2011-0186MEDIUMCVSS 4.3fixed in 7.7.02011-03-23
CVE-2011-0186 [MEDIUM] CWE-787 CVE-2011-0186: QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause
QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.
nvd
CVE-2010-3801CRITICALCVSS 9.3≤ 7.6.8v3.0+50 more2010-12-09
CVE-2010-3801 [CRITICAL] CWE-119 CVE-2010-3801: Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of
Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file.
nvd
CVE-2010-3800CRITICALCVSS 9.3≤ 7.6.8v3.0+50 more2010-12-09
CVE-2010-3800 [CRITICAL] CWE-119 CVE-2010-3800: Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of
Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.
nvd
CVE-2010-1508CRITICALCVSS 9.3≤ 7.6.8v3.0+51 more2010-12-09
CVE-2010-1508 [CRITICAL] CWE-119 CVE-2010-1508: Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to exe
Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.
nvd
CVE-2010-4009CRITICALCVSS 9.3≤ 7.6.8v3.0+50 more2010-12-09
CVE-2010-4009 [CRITICAL] CWE-189 CVE-2010-4009: Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code o
Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
nvd
CVE-2010-3802CRITICALCVSS 9.3≤ 7.6.8v3.0+50 more2010-12-09
CVE-2010-3802 [CRITICAL] CWE-189 CVE-2010-3802: Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrar
Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file.
nvd
CVE-2010-0530LOWCVSS 2.1≤ 7.6.8v3.0+51 more2010-12-09
CVE-2010-0530 [LOW] CWE-264 CVE-2010-0530: Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in th
Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.
nvd