Kaspersky LabKLA10621KLA10621 Multiple vulnerabilities in Apple QuickTime
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.707 High
EPSS
Percentile
98.0%
Detect date:
06/30/2015
Severity:
High
Description:
Memory corruption vulnerabilities were found in Apple QuickTime. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed file.
Affected products:
Apple QuickTime versions earlier than 7.7.7
Solution:
Update to the latest version
Get Quicktime
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2015-36696.8High
CVE-2015-36676.8High
CVE-2015-36666.8High
CVE-2015-36636.8High
CVE-2015-36626.8High
CVE-2015-36656.8High
CVE-2015-36646.8High
CVE-2015-36686.8High
CVE-2015-36616.8High
References
www.apple.com/support/mac-apps/quicktime/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3661
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3662
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3663
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3664
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3665
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3666
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3667
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3668
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3669
statistics.securelist.com/vulnerability-scan/month
support.apple.com/en-us/HT204947
threats.kaspersky.com/en/product/Apple-QuickTime/
Related
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.707 High
EPSS
Percentile
98.0%