Buffer Overflow in QT Media Foundation on Apple OS X
CVE-2014-4350

Currently unrated

Key Information:

Vendor: Apple
Status: Mac Os X; Mac Os X Server
Vendor: CVE Published:; 19 September 2014

What is CVE-2014-4350?

A buffer overflow vulnerability exists in the QT Media Foundation component of Apple OS X prior to 10.9.5. This flaw allows remote attackers to exploit a crafted MIDI file to execute arbitrary code on the affected system or trigger a denial of service, causing the application to crash. Users are advised to apply the latest updates to safeguard against potential exploitation.

References

http://www.securityfocus.com/bid/69908

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/96050

vdb-entryx_refsource_XF

https://support.apple.com/kb/HT6493

x_refsource_CONFIRM

EPSS Score

10% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2014
Vulnerability Reserved
Jun 20, 2014