Memory Corruption in Apple QuickTime Allows Remote Code Execution
CVE-2015-3661

Currently unrated

Key Information:

Vendor: Apple
Status: Quicktime
Vendor: CVE Published:; 3 July 2015

What is CVE-2015-3661?

The QT Media Foundation in Apple QuickTime versions prior to 7.7.7, and OS X versions before 10.10.4, is susceptible to a memory corruption flaw. This vulnerability allows remote attackers the potential to execute arbitrary code or cause a denial of service by utilizing a specially crafted file. This issue is distinct from other identified vulnerabilities like CVE-2015-3662 and others, emphasizing the need for users to remain vigilant and update their software to mitigate risks.

References

http://support.apple.com/kb/HT204947

x_refsource_CONFIRM

http://lists.apple.com/archives/security-announce/2015/Ju...

vendor-advisoryx_refsource_APPLE

http://www.securityfocus.com/bid/75493

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2015
Vulnerability Reserved
May 7, 2015