Remote Code Execution and Denial of Service in QuickTime 7 for Apple OS X
CVE-2015-3788

Currently unrated

Key Information:

Vendor: Apple
Status: Quicktime
Vendor: CVE Published:; 16 August 2015

Summary

QuickTime 7 in Apple's OS X, prior to version 10.10.5, is susceptible to a vulnerability that could enable remote attackers to execute arbitrary code or create a denial of service by providing a specially crafted file. This vulnerability is distinct from other identifiers and poses risks of application crashes and memory corruption.

References

https://support.apple.com/HT205046

x_refsource_CONFIRM

http://www.securityfocus.com/bid/76340

vdb-entryx_refsource_BID

http://lists.apple.com/archives/security-announce/2015/Au...

vendor-advisoryx_refsource_APPLE

Timeline

Vulnerability published
Aug 16, 2015
Vulnerability Reserved
May 7, 2015