CVE-2005-1579

Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker.

Publication date: Thu, 12 May 2005 09:00:00 +0000


Cyber News related to CVE-2005-1579

CVE-2005-1334 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1579. Reason: This candidate is a duplicate of CVE-2005-1579. Notes: All CVE users should reference CVE-2005-1579 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com
CVE-2005-1579 - Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the ...
13 years ago
CVE-2015-1579 - Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this ...
7 years ago
CVE-2009-1381 - The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a ...
1 year ago
CVE-2021-1579 - A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only ...
2 years ago
CVE-2001-1579 - The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service. ...
16 years ago
CVE-2003-1579 - Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP ...
14 years ago
CVE-2012-1579 - The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information. ...
12 years ago
CVE-2002-1579 - SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of service (crash) via a connection to a high-numbered port, which generates an "unknown connection data" error. ...
7 years ago
CVE-2004-1579 - index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive information via an HTTP request with an invalid cat_id parameter, which reveals the full path in a PHP error message. ...
7 years ago
CVE-2008-1579 - Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog. ...
7 years ago
CVE-2011-1579 - The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (CSS) token sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks or ...
7 years ago
CVE-2013-1579 - The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote ...
7 years ago
CVE-2009-1579 - The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. ...
7 years ago
CVE-2007-1579 - Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command. ...
7 years ago
CVE-1999-1579 - The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions of Windows NT 4.0 and Windows NT Server 4.0 before SP6 allows remote attackers to cause a denial of service (resource consumption) by creating a large number of arbitrary files on ...
6 years ago
CVE-2006-1579 - SQL injection vulnerability in topics.php in Dynamic Bulletin Board System (DbbS) 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the limite parameter. ...
6 years ago
CVE-2016-1579 - UDM provides support for running commands after a download is completed, this is currently made use of for click package installation. This functionality was not restricted to unconfined applications. Before UDM version 1.2+16.04.20160408-0ubuntu1 ...
5 years ago
CVE-2019-1579 - Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary ...
4 years ago
CVE-2020-1579 - An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory. ...
10 months ago
CVE-2022-1579 - The function check_is_login_page() uses headers for the IP check, which can be easily spoofed. ...
2 years ago
CVE-2010-1579 - Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security ...
1 year ago
CVE-2023-1579 - Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. ...
1 year ago
CVE-2014-1579 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none ...
54 years ago Tenable.com
CVE-2024-1579 - Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea GateManager (Webserver modules) allows Session Hijacking.This issue affects GateManager: before 11.2.624071020. ...
7 months ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)