CVE-2015-5753
https://notcve.org/view.php?id=CVE-2015-5753
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, and CVE-2015-5779. Vulnerabilidad en QuickTime 7 en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un archivo manipulado, una vulnerabilidad diferente a CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751 y CVE-2015-5779. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://www.securityfocus.com/bid/76340 http://www.securitytracker.com/id/1033276 https://support.apple.com/kb/HT205031 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-3667
https://notcve.org/view.php?id=CVE-2015-3667
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3668. QT Media Foundation en Apple QuickTime anterior a 7.7.7, utilizado en OS X anterior a 10.10.4 y otro productos, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero manipulado, una vulnerabilidad diferente a CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, y CVE-2015-3668. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00005.html http://support.apple.com/kb/HT204942 http://support.apple.com/kb/HT204947 http://www.securityfocus.com/bid/75493 http://www.securitytracker.com/id/1032756 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-3668
https://notcve.org/view.php?id=CVE-2015-3668
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3667. QT Media Foundation en Apple QuickTime anterior a 7.7.7, utilizado en OS X anterior a 10.10.4 y otros productos, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero manipulado, una vulnerabilidad diferente a CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, y CVE-2015-3667. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00005.html http://support.apple.com/kb/HT204942 http://support.apple.com/kb/HT204947 http://www.securityfocus.com/bid/75493 http://www.securitytracker.com/id/1032756 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-3661 – Apple QuickTime SGI Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-3661
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668. QT Media Foundation en Apple QuickTime anterior a 7.7.7, utilizado en OS X anterior a 10.10.4 y otros producots, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero manipulado, una vulnerabilidad diferente a CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, y CVE-2015-3668. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of SGI files. The issue lies in the failure to ensure that image data does not exceed the bounds specified by the header. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00005.html http://support.apple.com/kb/HT204942 http://support.apple.com/kb/HT204947 http://www.securityfocus.com/bid/75493 http://www.securitytracker.com/id/1032756 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-3662 – Apple QuickTime GIF Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-3662
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668. QT Media Foundation en Apple QuickTime anterior a 7.7.7, utilizado en OS X anterior a 10.10.4 y otros productos, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero manipulado, una vulnerabilidad diferente a CVE-2015-3661, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, y CVE-2015-3668. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of GIF images. By providing a GIF with malformed image data, an attacker can write data outside the bounds of the data structure. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00005.html http://support.apple.com/kb/HT204942 http://support.apple.com/kb/HT204947 http://www.securityfocus.com/bid/75493 http://www.securitytracker.com/id/1032756 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •