Apple QuickTime allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed version number and flags in an mvhd atom.
CVSS Vector
AV:N/AC:M/Au:N/C:C/I:C/A:CApple Quicktime
APPApplewszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEDoS
CWE
Related vulnerabilities
CVE-2011-3428CRITICAL9.8ten sam produkt
Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code.
CVE-2017-2218HIGH7.8ten sam produkt
Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privilege...
CVE-2015-5779HIGH7.5ten sam produkt
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2014-1245HIGH9.3ten sam produkt
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or ...
CVE-2014-1243HIGH9.3ten sam produkt
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to exec...