Remote Code Execution Vulnerability in QuickTime by Apple
CVE-2015-3791

Currently unrated

Key Information:

Vendor: Apple
Status: Quicktime
Vendor: CVE Published:; 17 August 2015

Summary

QuickTime 7 for Apple OS X prior to version 10.10.5 is vulnerable to a remote code execution issue. Attackers can exploit this vulnerability by crafting malicious files that, when opened by the affected application, can lead to memory corruption and potentially allow remote execution of arbitrary code or result in application crashes. This vulnerability forms part of a series of issues affecting QuickTime, necessitating prompt attention and remedial actions to safeguard user systems.

References

https://support.apple.com/HT205046

x_refsource_CONFIRM

http://www.securityfocus.com/bid/76340

vdb-entryx_refsource_BID

http://lists.apple.com/archives/security-announce/2015/Au...

vendor-advisoryx_refsource_APPLE

Timeline

Vulnerability published
Aug 17, 2015
Vulnerability Reserved
May 7, 2015