Remote Code Execution Risk in QuickTime 7 on Apple OS X
CVE-2015-3779

Currently unrated

Key Information:

Vendor: Apple
Status: Quicktime
Vendor: CVE Published:; 16 August 2015

Summary

QuickTime 7 on Apple OS X versions prior to 10.10.5 is susceptible to a vulnerability that could allow remote attackers to execute arbitrary code or induce a denial of service. This exploitation is achievable via specially crafted files that lead to memory corruption and potential application crashes. This vulnerability is distinct from several others identified in the same timeframe.

References

http://www.securityfocus.com/bid/76340

vdb-entryx_refsource_BID

http://lists.apple.com/archives/security-announce/2015/Au...

vendor-advisoryx_refsource_APPLE

https://support.apple.com/kb/HT205031

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 16, 2015
Vulnerability Reserved
May 7, 2015