Remote Code Execution and Denial of Service in Apple QuickTime
CVE-2015-5786

Currently unrated

Key Information:

Vendor: Apple
Status: Quicktime
Vendor: CVE Published:; 25 August 2015

What is CVE-2015-5786?

Apple QuickTime, prior to version 7.7.8, is susceptible to a vulnerability that enables remote attackers to execute arbitrary code or trigger a denial of service scenario through the use of specially crafted files. This vulnerability poses significant risks as it may lead to memory corruption and application crashes, impacting users' systems. It is vital for users to update their QuickTime installations to mitigate these risks.

References

https://support.apple.com/HT205046

x_refsource_CONFIRM

http://www.securitytracker.com/id/1033346

vdb-entryx_refsource_SECTRACK

http://lists.apple.com/archives/security-announce/2015/Au...

vendor-advisoryx_refsource_APPLE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 25, 2015
Vulnerability Reserved
Aug 6, 2015