Download
| Alert*
oval:org.mitre.oval:def:7523
The host is installed with Apple QuickTime 6.x or 7.x before 7.6.8 and is prone to remote code execution vulnerability. The flaw is present in IPersistPropertyBag2::Read function in QTPlugin.ocx, which fails to properly handle the _Marshaled_pUnk attribute. Successful exploitation allows attackers t ... oval:org.secpod.oval:def:4306 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-09-15-1. The update is required to fix multiple arbitrary code execution vulnerabilities. The flaws are present in the application, which fails to sanitize malicious data. Successful exploitation could allow ... oval:org.secpod.oval:def:32576 The host is installed with Apple QuickTime before 7.7.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (memory ... oval:org.secpod.oval:def:32573 The host is installed with Apple QuickTime before 7.7.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (memory ... oval:org.secpod.oval:def:32572 The host is installed with Apple QuickTime before 7.7.9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (memory ... oval:org.secpod.oval:def:32575 The host is installed with Apple QuickTime before 7.7.9 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a crafted TXXX frame in a movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a de ... oval:org.secpod.oval:def:32574 The host is installed with Apple QuickTime before 7.7.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (memory ... oval:org.secpod.oval:def:32571 The host is installed with Apple QuickTime before 7.7.9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (memory ... oval:org.secpod.oval:def:32570 The host is installed with Apple QuickTime before 7.7.9 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:32569 The host is installed with Apple QuickTime before 7.7.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (memory ... oval:org.secpod.oval:def:32568 The host is installed with Apple QuickTime before 7.7.9 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:11698 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle dref atoms. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:11699 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle H.263 encoded movie files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5773 The host is installed with Quicktime before 7.7.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie file with Sorenson encoding. Successful exploitation could allow attackers to execute arbitrary code or crash the se ... oval:org.secpod.oval:def:5770 The host is installed with Quicktime before 7.7.2 and is prone to an integer signedness error vulnerability. A flaw is present in the application, which fails to properly handle a crafted QTVR movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5776 The host is installed with Quicktime before 7.7.2 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted pathname for a file. Successful exploitation could allow attackers to execute arbitrary code or crash the serv ... oval:org.secpod.oval:def:3107 The host is installed with Apple QuickTime before 7.7.1 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted TKHD atoms in a QuickTime movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ... oval:org.secpod.oval:def:11700 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle Sorenson encoded movie files. Successful exploitation could allow attackers to execute arbitrary code or crash the servic ... oval:org.secpod.oval:def:11701 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle JPEG encoded data. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:11702 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle JPEG encoded data. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:11703 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle 'mvhd' atoms. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:11704 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle 'mvhd' atoms. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3096 The host is installed with Apple QuickTime before 7.7.1 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted PICT file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:1212 The host is installed with Apple QuickTime and is prone to heap based overflow vulnerability. A flaw is present in the application, which fails to handle a file permission. Successful exploitation allow local user can access potentially sensitive information. oval:org.secpod.oval:def:1211 The host is installed with Apple QuickTime and is prone to heap based overflow vulnerability. A flaw is present in the application, which fails in processing of Track header atoms. Successful exploitation allow remote attackers to execute arbitrary code or cause a denial of service (application cras ... oval:org.secpod.oval:def:11696 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted TeXML file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:11697 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle H.263 encoded movie files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3766 The host is missing a security update according to Apple advisory, APPLE-SA-2010-08-12-1. The update is required to fix a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to cras ... oval:org.mitre.oval:def:7995 Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_sta ... oval:org.secpod.oval:def:3100 The host is installed with Apple QuickTime before 7.7.1 and is prone to cross site scripting vulnerability. A flaw is present in the application, which fails to handle HTML documents that contain an http link to a script file. Successful exploitation could allow attackers to inject arbitrary script. oval:org.secpod.oval:def:3103 The host is installed with Apple QuickTime before 7.7.1 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3101 The host is installed with Apple QuickTime before 7.7.1 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FlashPix file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3102 The host is installed with Apple QuickTime before 7.7.1 and is prone to an buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FLIC movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3099 The host is installed with Apple QuickTime before 7.7.1 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to handle the atom hierarchy in movie files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3097 The host is installed with Apple QuickTime before 7.7.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which properly process URL data handlers in movie files. Successful exploitation could allow attackers to obtain sensitive information. oval:org.secpod.oval:def:5839 The host is installed with Apple QuickTime before 7.7.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a RLE encoded file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:25231 The host is installed with Apple QuickTime before 7.7.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:25232 The host is installed with Apple QuickTime before 7.7.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:25233 The host is installed with Apple QuickTime before 7.7.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:1995 The host is installed with Apple QuickTime before 7.7 and is prone to buffer overflow vulnerability.A flaw is present in the application which fails to properly handle pict files. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:1997 The host is installed with Apple QuickTime before 7.7 and is prone to heap based overflow vulnerability. A flaw is present in the application which fails to properly handle STSZ atoms in a QuickTime movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a deni ... oval:org.secpod.oval:def:1996 The host is installed with Apple QuickTime before 7.7 and is prone to heap based overflow vulnerability. A flaw is present in the application which fails to properly handle STTS atoms in QuickTime movie files. Successful exploitation allows remote attackers to execute arbitrary code or cause a denia ... oval:org.secpod.oval:def:1999 The host is installed with Apple QuickTime before 7.7 and is prone to heap based overflow vulnerability. A flaw is present in the application which fails to properly handle STSC atoms in a QuickTime movie file. Successful exploitation allows remote attackers to execute arbitrary code or cause a deni ... oval:org.secpod.oval:def:1998 The host is installed with Apple QuickTime before 7.7 and is prone to heap based overflow vulnerability. A flaw is present in the application which fails to properly handle STSS atoms in a QuickTime movie file.Successful exploitation allows remote attackers to execute arbitrary code or cause a denia ... oval:org.mitre.oval:def:7458 Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. oval:org.mitre.oval:def:7498 Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a FlashPix image with a malformed SubImage Header Stream containing a NumberOfTiles field with a large value. oval:org.secpod.oval:def:3767 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-03-30-1. The update is required to fix multiple heap based buffer overflow vulnerabilities. The flaws are present in the applications, which fail to handle crafted data. Successful exploitation could allow at ... oval:org.secpod.oval:def:1210 The host is installed with Apple QuickTime and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted PICT file. Successful exploitation allow remote attackers to execute arbitrary code or cause a denial of service (appl ... oval:org.secpod.oval:def:1207 The host is installed with Apple QuickTime and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted movie file. Successful exploitation allow remote attackers to execute arbitrary code or cause a denial of service (appli ... oval:org.secpod.oval:def:1209 The host is installed with Apple QuickTime and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted flashpix file. Successful exploitation allow remote attackers to execute arbitrary code or cause a denial of service (a ... oval:org.secpod.oval:def:1208 The host is installed with Apple QuickTime and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted QTVR (QuickTime Virtual Reality) movie file. Successful exploitation allow remote attackers to execute arbitrary code o ... oval:org.mitre.oval:def:11800 Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. oval:org.mitre.oval:def:7062 Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding, which triggers memory corruption when the length of decompressed data exceeds that of ... oval:org.secpod.oval:def:16493 The host is missing a security update according to Apple advisory, APPLE-SA-2009-01-21. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code or cra ... oval:org.mitre.oval:def:5672 Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file. oval:org.mitre.oval:def:6405 Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file. oval:org.secpod.oval:def:7886 The host is installed with Apple QuickTime before 7.7.3 and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to properly handle the style elements in QuickTime TeXML files. Successful exploitation could allow attackers to execute arbitrary c ... oval:org.secpod.oval:def:7887 The host is installed with Apple QuickTime before 7.7.3 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails in plugin's handling of MIME types. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:7888 The host is installed with Apple QuickTime before 7.7.3 and is prone to use after free vulnerability. A flaw is present in the application, which fails in the QuickTime ActiveX control's handling of the Clear() method. Successful exploitation could allow attackers to execute arbitrary code or crash ... oval:org.secpod.oval:def:7889 The host is installed with Apple QuickTime before 7.7.3 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle Targa image files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:7882 The host is installed with Apple QuickTime before 7.7.3 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle REGION records in PICT files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:7883 The host is installed with Apple QuickTime before 7.7.3 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to properly handle PICT files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:7884 The host is installed with Apple QuickTime before 7.7.3 and is prone to use after free vulnerability. A flaw is present in the application, which fails in plugin's handling of '_qtactivex_' parameters within a HTML object element. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:7885 The host is installed with Apple QuickTime before 7.7.3 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the transform attribute in text3GTrack elements. Successful exploitation could allow attackers to execute arbitrary code or cras ... oval:org.mitre.oval:def:7043 Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.261 encoding. oval:org.mitre.oval:def:12443 Apple QuickTime (32 bit) is installed oval:org.secpod.oval:def:16477 The host is installed with Apple QuickTime before 7.6.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted compressed PSD image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16478 The host is installed with Apple QuickTime before 7.6.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted PICT image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16475 The host is installed with Apple QuickTime before 7.6.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16476 The host is installed with Apple QuickTime before 7.6.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FLC compression file. Successful exploitation could allow attackers to execute arbitrary code or crash the service ... oval:org.secpod.oval:def:16911 The host is installed with Apple QuickTime before 7.7.5 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to initialize an unspecified pointer. Successful exploitation allows attackers to cause a denial of service or an application crash. oval:org.secpod.oval:def:16479 The host is installed with Apple QuickTime before 7.6.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted movie file containing (CRGN) atom types. Successful exploitation could allow attackers to execute arbitrary code o ... oval:org.secpod.oval:def:16470 The host is installed with Apple QuickTime before 7.5.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted PICT image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16473 The host is installed with Apple QuickTime before 7.6.2 and is prone to an integer underflow vulnerability. A flaw is present in the application, which fails to handle a a crafted length field. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16474 The host is installed with Apple QuickTime before 7.6.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted MS ADPCM encoded audio data. Successful exploitation could allow attackers to execute arbitrary code or crash the ... oval:org.secpod.oval:def:16471 The host is installed with Apple QuickTime before 7.5.5 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16472 The host is installed with Apple QuickTime before 7.5.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted PICT image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.mitre.oval:def:6187 Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted H.263 encoded movie file that triggers memory corruption. oval:org.mitre.oval:def:6626 Heap-based buffer overflow in quicktime.qts in CoreMedia and QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed .3g2 movie file with H.263 encoding that triggers an incorrect buffer length calcu ... oval:org.mitre.oval:def:6747 The host is installed with Apple QuickTime before 7.6.8 and is prone to remote code execution vulnerability. The flaw is present in the Picture Viewer in Apple QuickTime, which fails to handle the trojan horse (1) CoreVideo.dll, (2) CoreGraphics.dll, or (3) CoreAudioToolbox.dll that is located in th ... oval:org.mitre.oval:def:6989 Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length valu ... oval:org.secpod.oval:def:16921 The host is missing a security update according to Apple advisory, APPLE-SA-2014-02-25-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain crafted vectors in a movie file. Successful exploitation allows attackers to cause ... oval:org.secpod.oval:def:16920 The host is installed with Apple QuickTime before 7.7.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted clef atom in a movie file. Successful exploitation allows attackers to cause a denial of service or an application crash. oval:org.secpod.oval:def:16480 The host is installed with Apple QuickTime before 7.6.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted image description atoms in an Apple video file. Successful exploitation could allow attackers to execute arbitrary code or ... oval:org.secpod.oval:def:16481 The host is installed with Apple QuickTime before 7.6.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly initialize memory before use in handling movie files. Successful exploitation could allow attackers to execute arbitrary code or cr ... oval:org.secpod.oval:def:16482 The host is installed with Apple QuickTime before 7.6.2 and is prone to a heap-based memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted JP2 image. Successful exploitation could allow attackers to execute arbitrary code or crash the service ... oval:org.secpod.oval:def:16483 The host is installed with Apple QuickTime before 7.6.2 and is prone to a heap-based memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted JP2 image. Successful exploitation could allow attackers to execute arbitrary code or crash the service ... oval:org.secpod.oval:def:16915 The host is installed with Apple QuickTime before 7.7.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted ftab atom in a movie file. Successful exploitation allows attackers to cause a denial of service or an application crash. oval:org.secpod.oval:def:16914 The host is installed with Apple QuickTime before 7.7.5 and is prone to integer signedness error vulnerability. A flaw is present in the application, which fails to handle a crafted stsz atom in a movie file. Successful exploitation allows attackers to cause a denial of service or an application cra ... oval:org.secpod.oval:def:16913 The host is installed with Apple QuickTime before 7.7.5 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle QuickTime image descriptions. Successful exploitation allows attackers to cause a denial of service or an application crash. oval:org.secpod.oval:def:16912 The host is installed with Apple QuickTime before 7.7.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with H.264 encoding. Successful exploitation allows attackers to cause a denial of service or an application crash. oval:org.secpod.oval:def:16919 The host is installed with Apple QuickTime before 7.7.5 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly perform a byte-swapping operation. Successful exploitation allows attackers to cause a denial of service. oval:org.secpod.oval:def:16918 The host is installed with Apple QuickTime before 7.7.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted PSD image. Successful exploitation allows attackers to cause a denial of service or an application crash. oval:org.mitre.oval:def:5646 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms. oval:org.secpod.oval:def:16917 The host is installed with Apple QuickTime before 7.7.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted ldat atom in a movie file. Successful exploitation allows attackers to cause a denial of service or an application crash. oval:org.secpod.oval:def:16916 The host is installed with Apple QuickTime before 7.7.5 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted dref atom in a movie file. Successful exploitation allows attackers to cause a denial of service or an application crash. oval:org.mitre.oval:def:6673 Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with M-JPEG encoding, which causes QuickTime to calculate a buffer size using height and width fields, b ... oval:org.mitre.oval:def:5467 Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file. oval:org.secpod.oval:def:2000 The host is installed with Apple QuickTime before 7.7 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the application which fails to properly handle QTL files. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:2002 The host is installed with Apple QuickTime before 7.7 and is prone to heap based overflow vulnerability. A flaw is present in the application which fails to properly handle GIF images. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:2001 The host is installed with Apple QuickTime before 7.7 and is prone to multiple stack-based buffer overflow vulnerabilities. The flaws are present in the application which fails to properly handle H.264 encoded movie files. Successful exploitation allows remote attackers to execute arbitrary code or ... oval:org.secpod.oval:def:2004 The host is installed with Apple QuickTime before 7.7 and is prone to integer overflow vulnerability. A flaw is present in the application which fails to properly handle track run atoms in QuickTime movie files. Successful exploitation allows remote attackers to execute arbitrary code or cause a den ... oval:org.secpod.oval:def:2005 The host is installed with Apple QuickTime before 7.7 and is prone to stack buffer overflow vulnerability. A flaw is present in the application which fails to properly handle PICT files. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:2008 The host is installed with Apple QuickTime before 7.7 and is prone to memory corruption vulnerability. A flaw is present in the application which fails to properly handle sample tables in QuickTime movie files. Successful exploitation allows remote attackers to execute arbitrary code or cause a deni ... oval:org.secpod.oval:def:2007 The host is installed with Apple QuickTime before 7.7 and is prone to integer overflow vulnerability. A flaw is present in the application which fails to properly handle audio channels in movie files. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of serv ... oval:org.secpod.oval:def:2009 The host is installed with Apple QuickTime before 7.7 and is prone to integer overflow vulnerability. A flaw is present in the application which fails to properly handle RIFF WAV files. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. oval:org.mitre.oval:def:6783 QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with H.264 encoding. oval:org.mitre.oval:def:6780 Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory ... oval:org.mitre.oval:def:7077 QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with Sorenson encoding. oval:org.secpod.oval:def:2011 The host is installed with Apple QuickTime before 7.7 and is prone to multiple memory corruption vulnerabilities. A flaw is present in the application which fails to properly handle JPEG2000 images.Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:2010 The host is installed with Apple QuickTime before 7.7 and is prone to cross-origin bypass vulnerability. A flaw is present in the application which fails to properly handle cross-site redirects. Successful exploitation allows remote attackers to obtain potentially sensitive video data oval:org.mitre.oval:def:6927 Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted genl atom in a QuickTime movie file with MPEG encoding, which is not properly handled during d ... oval:org.mitre.oval:def:6801 Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, ... oval:org.mitre.oval:def:6922 CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted audio content with QDM2 encoding, which triggers a buffer overflow due to inconsistent length fields, related to QDCA. oval:org.mitre.oval:def:6211 Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file. oval:org.mitre.oval:def:6218 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure. oval:org.secpod.oval:def:16455 The host is installed with Apple QuickTime before 7.4.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted ftyp atoms in a movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the s ... oval:org.secpod.oval:def:16456 The host is missing a security update according to Apple advisory, APPLE-SA-2008-04-02. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple vulnerabilities. The flaws are present in the application, which fails to ... oval:org.secpod.oval:def:16453 The host is installed with Apple QuickTime before 7.4.5 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted VR movie with an obji atom of zero size. Successful exploitation could allow attackers to execute arbitr ... oval:org.secpod.oval:def:16454 The host is installed with Apple QuickTime before 7.4.5 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PICT image file. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:16459 The host is installed with Apple QuickTime before 7.5 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle crafted PICT image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16457 The host is installed with Apple QuickTime before 7.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted packed scanlines in PixData structures in a PICT image. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:16458 The host is installed with Apple QuickTime before 7.5 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle crafted AAC-encoded file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:2300 The host is installed with Apple QuickTime before 7.7 and is prone to memory corruption vulnerability. A flaw is present in the application which is caused by improper bounds checking when handling mp4v codec information. Successful exploitation allows remote attackers to execute arbitrary code on t ... oval:org.secpod.oval:def:16451 The host is installed with Apple QuickTime before 7.4.5 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PICT image file, related to an improperly terminated memory copy loop. Successful exploitation could allo ... oval:org.secpod.oval:def:16452 The host is installed with Apple QuickTime before 7.4.5 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie with run length encoding. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:16450 The host is installed with Apple QuickTime before 7.4.5 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PICT image file, related to an improperly terminated memory copy loop. Successful exploitation could allo ... oval:org.secpod.oval:def:26260 The host is installed with Apple QuickTime before 7.7.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.mitre.oval:def:6969 Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted BMP image. oval:org.secpod.oval:def:26262 The host is installed with Apple QuickTime before 7.7.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:26261 The host is installed with Apple QuickTime before 7.7.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:26264 The host is missing a security update according to Apple advisory, APPLE-SA-2015-08-20-1. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected applic ... oval:org.secpod.oval:def:26263 The host is installed with Apple QuickTime before 7.7.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:16466 The host is installed with Apple QuickTime before 7.5.5 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle crafted elements in panorama track PDAT atoms. Successful exploitation could allow attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:16467 The host is installed with Apple QuickTime before 7.5.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16464 The host is installed with Apple QuickTime before 7.5.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16465 The host is installed with Apple QuickTime before 7.5.5 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted a QuickTime Virtual Reality (QTVR) movie file with crafted panorama atoms. Successful exploitation could allow att ... oval:org.secpod.oval:def:16468 The host is installed with Apple QuickTime before 7.5.5 and is prone to a heap corruption vulnerability. A flaw is present in the application, which fails to handle a crafted H.264 encoded movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16469 The host is installed with Apple QuickTime before 7.5.5 and is prone to an invalid pointer vulnerability. A flaw is present in the application, which fails to handle a crafted PICT image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16462 The host is missing a security update according to Apple advisory, APPLE-SA-2008-06-09. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:16463 The host is installed with Apple QuickTime before 7.5.5 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted PICT image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16460 The host is installed with Apple QuickTime before 7.5 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted Indeo video codec content in a movie file. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:16461 The host is installed with Apple QuickTime before 7.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:26255 The host is installed with Apple QuickTime before 7.7.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:26257 The host is installed with Apple QuickTime before 7.7.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:26256 The host is installed with Apple QuickTime before 7.7.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.mitre.oval:def:6153 Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow. oval:org.secpod.oval:def:26259 The host is installed with Apple QuickTime before 7.7.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:26258 The host is installed with Apple QuickTime before 7.7.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:16437 The host is installed with Apple QuickTime before 7.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted Sorenson 3 video file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.mitre.oval:def:6707 Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. oval:org.secpod.oval:def:16438 The host is installed with Apple QuickTime before 7.4 and is prone to an Arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a movie file containing a Macintosh Resource record with a modified length value in the resource header. Successful exploitatio ... oval:org.mitre.oval:def:5974 Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted MPEG-2 movie. oval:org.secpod.oval:def:16444 The host is installed with Apple QuickTime before 7.4.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a crafted applet. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:16445 The host is installed with Apple QuickTime before 7.4.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle external URLs in movies. Successful exploitation could allow attackers to obtain sensitive information. oval:org.secpod.oval:def:16442 The host is installed with Apple QuickTime Player before 7.4.1 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message. Successful exploitation could al ... oval:org.secpod.oval:def:16443 The host is missing a security update according to, APPLE-SA-2008-02-06. The update is required to fix a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message. Successf ... oval:org.secpod.oval:def:16448 The host is installed with Apple QuickTime before 7.4.5 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:16449 The host is installed with Apple QuickTime before 7.4.5 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle an MP4A movie with a malformed Channel Compositor (aka chan) atom. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:16446 The host is installed with Apple QuickTime before 7.4.5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:16447 The host is installed with Apple QuickTime before 7.4.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle crafted movie that triggers memory corruption. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:16440 The host is installed with Apple QuickTime before 7.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted compressed PICT image, which triggers the overflow during decoding. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:16441 The host is missing a security update according to Apple advisory, APPLE-SA-2008-01-15. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arb ... oval:org.mitre.oval:def:6135 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted RTSP URL. oval:org.mitre.oval:def:6258 Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. oval:org.mitre.oval:def:6132 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QuickTime movie file containing invalid image width data in JPEG atoms within STSD atoms. oval:org.secpod.oval:def:16439 The host is installed with Apple QuickTime before 7.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a movie file with Image Descriptor (IDSC) atoms containing an invalid atom size, which triggers memory corruption. Successful exploitat ... oval:org.secpod.oval:def:5762 The host is installed with Quicktime before 7.7.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted text track in a movie file. Successful exploitation could allow attackers to execute arbitrary code or crash th ... oval:org.secpod.oval:def:5761 The host is installed with Quicktime before 7.7.2 and is prone to multiple stack overflow vulnerabilities. The flaws are present in the application, which fails to properly handle TeXML files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5763 The host is installed with Quicktime before 7.7.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle H.264 encoded movie files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5768 The host is installed with Quicktime before 7.7.2 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted QTMovie object. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.mitre.oval:def:7513 CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted audio content with QDMC encoding. oval:org.secpod.oval:def:5771 The host is installed with Quicktime before 7.7.2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie file with JPEG2000 encoding. Successful exploitation could allow attackers to execute arbitrary code or crash the se ... oval:org.secpod.oval:def:5777 The host is installed with Quicktime before 7.7.2 and is prone to a buffer underflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted MPEG file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5766 The host is installed with Quicktime before 7.7.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted audio samples. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5767 The host is installed with Quicktime before 7.7.2 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted MPEG files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3098 The host is installed with Apple QuickTime before 7.7.1 or Apple iTunes before 10.5 and is prone to an buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with H.264 encoding. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:5838 The host is missing a critical security update according to Apple advisory, APPLE-SA-2011-10-26-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize malicious data. Successful exploitation could allow attackers to execute arbitr ... oval:org.secpod.oval:def:5778 The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-15-1. The update is required to fix a buffer underflow vulnerability. The flaws are present in the application, which fails to properly handle malicious data. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:3104 The host is installed with Apple QuickTime before 7.7.1 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted font table in a QuickTime movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ... oval:org.secpod.oval:def:5765 The host is installed with Quicktime before 7.7.2 and is prone to an off-by-one error vulnerability. A flaw is present in the application, which fails to properly handle a crafted rdrf atom in a movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5764 The host is installed with Quicktime before 7.7.2 and is prone to an uninitialized memory access vulnerability. A flaw is present in the application, which fails to properly handle a crafted MP4 file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5769 The host is installed with Quicktime before 7.7.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PNG file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3105 The host is installed with Apple QuickTime before 7.7.1 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with FLC encoding. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3106 The host is installed with Apple QuickTime before 7.7.1 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with JPEG2000 encoding. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ... oval:org.secpod.oval:def:11692 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle 'enof' atoms. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:11693 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted QTIF file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:11694 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted FPX file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:11695 The host is installed with Apple QuickTime before 7.74.80.86 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted MP3 files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5772 The host is installed with Quicktime before 7.7.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie file with RLE encoding. Successful exploitation could allow attackers to execute arbitrary code or crash the service ... oval:org.secpod.oval:def:5775 The host is installed with Quicktime before 7.7.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted .pict file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5774 The host is installed with Quicktime before 7.7.2 and is prone to an Integer overflow vulnerability. A flaw is present in the application, which fails to properly handle sean atoms. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:21488 The host is installed with Apple QuickTime before 7.7.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows attackers to execute arbitrary code or cause unexpected application termination. oval:org.secpod.oval:def:21489 The host is installed with Apple QuickTime before 7.7.6 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted MIDI file. Successful exploitation allows attackers to execute arbitrary code or cause unexpected application termination. oval:org.secpod.oval:def:21490 The host is installed with Apple QuickTime before 7.7.6 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted m4a file. Successful exploitation allows attackers to execute arbitrary code or cause unexpected application termination. oval:org.secpod.oval:def:21491 The host is missing a security update according to Apple advisory, APPLE-SA-2014-10-22-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted movie file, a crafted MIDI file or a crafted m4a file. Successful exploitation a ... oval:org.secpod.oval:def:21487 The host is installed with Apple QuickTime before 7.7.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows attackers to execute arbitrary code or cause unexpected application termination. oval:org.secpod.oval:def:25228 The host is installed with Apple QuickTime before 7.7.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:25229 The host is installed with Apple QuickTime before 7.7.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:25234 The host is missing a security update according to Apple advisory, APPLE-SA-2015-06-30-5. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termina ... oval:org.secpod.oval:def:25230 The host is installed with Apple QuickTime before 7.7.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:25225 The host is installed with Apple QuickTime before 7.7.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:25226 The host is installed with Apple QuickTime before 7.7.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:25227 The host is installed with Apple QuickTime before 7.7.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation may lead to an unexpected application termination or arbitrary code execution. oval:org.secpod.oval:def:7890 The host is installed with Apple QuickTime before 7.7.3 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle 'rnet' boxes in MP4 files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:7891 The host is missing a security update according to Apple advisory, APPLE-SA-2012-11-07-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted files. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:16491 The host is installed with Apple QuickTime before 7.6.9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted GIF file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16492 The host is installed with Apple QuickTime before 7.6.9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted GIF file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16490 The host is installed with Apple QuickTime before 7.6.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted FlashPix file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16488 The host is installed with Apple QuickTime before 7.6.9 and is prone to an integer signedness error vulnerability. A flaw is present in the application, which fails to properly handle a crafted MPEG movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the serv ... oval:org.secpod.oval:def:16489 The host is installed with Apple QuickTime before 7.6.9 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted Sorenson movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16486 The host is installed with Apple QuickTime before 7.6.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary. Successful expl ... oval:org.secpod.oval:def:16487 The host is installed with Apple QuickTime before 7.6.9 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted MPEG movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16484 The host is installed with Apple QuickTime before 7.6.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted JP2 file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:16485 The host is installed with Apple QuickTime before 7.6.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted JP2 file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:4307 The host is installed with Apple QuickTime before 7.6.9 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted jp2 image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:2003 The host is missing a security update according to APPLE-SA-2011-08-03-1. The update is required to fix multiple buffer overflow vulnerabilities. The flaws are present in the application which fails to properly handle certain movie files. Successful exploitation allows remote attackers to execute ar ... oval:org.secpod.oval:def:2006 The host is installed with Apple QuickTime before 7.7 and is prone to buffer overflow vulnerability. A flaw is present in the application which fails to properly handle JPEG files. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. |