Apple QuickTime allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed version number and flags in an mvhd atom.
oryginał ENCVSS Vector
AV:N/AC:M/Au:N/C:C/I:C/A:CApple Quicktime
APPApplewszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEDoS
CWE
Powiązane podatności
CVE-2011-3428CRITICAL9.8ten sam produkt
Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code.
CVE-2017-2218HIGH7.8ten sam produkt
Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privilege...
CVE-2015-5779HIGH7.5ten sam produkt
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2014-1245HIGH9.3ten sam produkt
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or ...
CVE-2014-1243HIGH9.3ten sam produkt
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to exec...