- Home
- CVEs with nessus.description==The version of Apple QuickTime installed on the remote Windows host is prior to 7.7.8. It is, therefore, affected by multiple arbitrary code execution vulnerabilities :
- A memory corruption issue exists due to improper validation of user-supplied input when handling URL atom sizes. A remote attacker can exploit this issue by convincing a user to open a specially crafted file, resulting in the execution of arbitrary code in the context of the current user. (CVE-2015-3788)
- A memory corruption issue exists due to improper validation of user-supplied input when handling 3GPP STSD sample description entry sizes. A remote attacker can exploit this issue by convincing a user to open a specially crafted file, resulting in the execution of arbitrary code in the context of the current user.
(CVE-2015-3789)
- A memory corruption issue exists due to improper validation of user-supplied input when handling MVHD atom sizes. A remote attacker can exploit this issue by convincing a user to open a specially crafted file, resulting in the execution of arbitrary code in the context of the current user. (CVE-2015-3790)
- A memory corruption issue exists due to improper validation of user-supplied input when handling mismatching ESDS atom descriptor type lengths. A remote attacker can exploit this issue by convincing a user to open a specially crafted file, resulting in the execution of arbitrary code in the context of the current user. (CVE-2015-3791)
- A memory corruption issue exists due to improper validation of user-supplied input when handling MDAT sections. A remote attacker can exploit this issue by convincing a user to open a specially crafted file, resulting in the execution of arbitrary code in the context of the current user. (CVE-2015-3792)
- An unspecified memory corruption issue exists due to improper validation of user-supplied input. A remote attacker can exploit this issue by convincing a user to open a specially crafted file, resulting in the execution of arbitrary code in the context of the current user. (CVE-2015-5751)
- An unspecified memory corruption issue exists due to improper validation of user-supplied input. A remote attacker can exploit this issue by convincing a user to open a specially crafted file, resulting in the execution of arbitrary code in the context of the current user. (CVE-2015-5779)
- An unspecified memory corruption issue exists due to improper validation of user-supplied input. A remote attacker can exploit this issue by convincing a user to open a specially crafted file, resulting in the execution of arbitrary code in the context of the current user. (CVE-2015-5785)
- An unspecified memory corruption issue exists due to improper validation of user-supplied input. A remote attacker can exploit this issue by convincing a user to open a specially crafted file, resulting in the execution of arbitrary code in the context of the current user. (CVE-2015-5786)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top