Lucene search

K
cveAppleCVE-2015-5785
HistoryAug 25, 2015 - 1:59 a.m.

CVE-2015-5785

2015-08-2501:59:08
CWE-119
apple
web.nvd.nist.gov
42
apple
quicktime
cve-2015-5785
nvd
remote code execution
memory corruption
denial of service

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.018

Percentile

88.4%

Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-5786.

Affected configurations

Nvd
Node
applequicktimeRange7.7.7
VendorProductVersionCPE
applequicktimecpe:/a:apple:quicktime::::

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.018

Percentile

88.4%