9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.096 Low
EPSS
Percentile
94.7%
02/25/2014
Critical
Multiple serious vulnerabilities have been found in Apple QuickTime. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities
Apple QuickTime versions 7.7.4. and earlier
Update to latest version
QuickTime
ACE
CVE-2014-12449.3Critical
CVE-2014-12459.3Critical
CVE-2014-12469.3Critical
CVE-2014-12479.3Critical
CVE-2014-12499.3Critical
CVE-2014-12489.3Critical
CVE-2013-10326.8High
CVE-2014-12509.3Critical
CVE-2014-12439.3Critical
CVE-2014-12519.3Critical
support.apple.com/kb/HT6151
www.apple.com/quicktime/download/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1032
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1243
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1244
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1245
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1246
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1247
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1248
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1249
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1250
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1251
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Apple-QuickTime/