Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service (crash) via a crafted file with a missing movie attribute, which leads to a null dereference.
Max CVSS
2.6
EPSS Score
0.58%
Published
2005-11-05
Updated
2018-10-19
Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.
Max CVSS
2.1
EPSS Score
0.04%
Published
2010-12-09
Updated
2017-09-19
2 vulnerabilities found