CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-7089
https://notcve.org/view.php?id=CVE-2015-7089
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. Apple QuickTime en versiones anteriores a 7.7.9 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un archivo movie manipulado, una vulnerabilidad diferente a CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092 y CVE-2015-7117. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html http://www.securitytracker.com/id/1034610 https://support.apple.com/HT205638 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-7090
https://notcve.org/view.php?id=CVE-2015-7090
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. Apple QuickTime en versiones anteriores a 7.7.9 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un archivo movie manipulado, una vulnerabilidad diferente a CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7091, CVE-2015-7092 y CVE-2015-7117. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html http://www.securitytracker.com/id/1034610 https://support.apple.com/HT205638 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-7091
https://notcve.org/view.php?id=CVE-2015-7091
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7092, and CVE-2015-7117. Apple QuickTime en versiones anteriores a 7.7.9 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un archivo movie manipulado, una vulnerabilidad diferente a CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7092 y CVE-2015-7117. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html http://www.securitytracker.com/id/1034610 https://support.apple.com/HT205638 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-7117
https://notcve.org/view.php?id=CVE-2015-7117
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7092. Apple QuickTime en versiones anteriores a 7.7.9 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un archivo movie manipulado, una vulnerabilidad diferente a CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091 y CVE-2015-7092. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html http://www.securitytracker.com/id/1034610 https://support.apple.com/HT205638 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 35%CPEs: 1EXPL: 0CVE-2015-7092 – Apple QuickTime ID3 Tag Heap Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-7092
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted TXXX frame within an ID3 tag in MP3 data in a movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7117. Apple QuickTime en versiones anteriores a 7.7.9 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica y caída de la aplicación) a través de un frame TXXX manipulado en una etiqueta ID3 en datos MP3 en un archivo movie, una vulnerabilidad diferente a CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091 y CVE-2015-7117. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ID3 version tags in MP3 files. By providing a malformed TXXX frame, an attacker can cause data to be written past the end of an allocated heap buffer. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html http://www.securitytracker.com/id/1034610 http://www.zerodayinitiative.com/advisories/ZDI-16-002 https://support.apple.com/HT205638 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •