Published: 16/08/2015 Updated: 21/09/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

QuickTime 7 in Apple OS X prior to 10.10.5 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple quicktime 7.0.0

Use QuickTime … and become part of the collective

The Register • Team Register • 14 Aug 2015

Malformed .MOV files can murder your movies

Two Borg assimilators have discovered five denial of service vulnerabilities in Apple's QuickTime. The five vulnerabilities (CVE-2015-3788 to 3792) affect the latest version of QuickTime up to the patched 7.7.7 for Windows 7. Ryan Pentney and Richard Johnson of Cisco's Talos security talon reported the memory corruption holes which manifest due to improper handling of objects in memory. "An adversary who crafts a specifically formatted .MOV file can cause QuickTime to terminate unexpectedly, cre...

CVE-2015-3788

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect