Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10653
HistoryMay 18, 2015 - 12:00 a.m.

KLA10653 Code execution vulnerability in QuickTime

2015-05-1800:00:00
Kaspersky Lab
threats.kaspersky.com
48

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.573 Medium

EPSS

Percentile

97.7%

JSON

An unspecified vulnerability was found in QuickTime. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file.

Original advisories

Apple advisory

Related products

Apple-QuickTime

CVE list

CVE-2015-5779 critical

CVE-2015-3791 high

CVE-2015-3790 high

CVE-2015-3792 high

CVE-2015-5751 high

CVE-2015-3789 high

CVE-2015-5785 high

CVE-2015-5786 high

CVE-2015-3788 high

Solution

Update to the latest version

Get Apple QuickTime

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

  • Apple QuickTime versions earlier than 7.7.8

Related

securityvulns 4
openvas 2
nessus 5
threatpost 1
cve 12
prion 12
cvelist 12
nvd 12
talos 6
checkpoint_advisories 1
securityvulns
securityvulns
APPLE-SA-2015-08-20-1 QuickTime 7.7.8
2015-08-23 00:00:00
Apple QuickTime multiple security vulnerabilities
2015-08-23 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2015-08-17 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities (Sep 2015) - Windows
2015-09-01 00:00:00
Apple Mac OS X Multiple Vulnerabilities-03 (Oct 2015)
2015-10-29 00:00:00
nessus
nessus
Apple QuickTime < 7.7.8 Multiple Arbitrary Code Vulnerabilities (Windows)
2015-08-27 00:00:00
Apple QuickTime < 7.7.8 Multiple Vulnerabilities
2016-04-20 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2015-006)
2015-08-17 00:00:00
threatpost
threatpost
August 2015 Apple QuickTime Security Patches
2015-08-21 09:34:29
cve
cve
CVE-2015-5751
2015-08-17 00:00:31
CVE-2015-3792
2015-08-17 00:00:06
CVE-2015-5779
2015-08-17 00:01:04
prion
prion
Memory corruption
2015-08-17 00:00:00
Memory corruption
2015-08-17 00:00:00
Memory corruption
2015-08-17 00:00:00
cvelist
cvelist
CVE-2015-3790
2015-08-16 23:00:00
CVE-2015-5779
2015-08-16 23:00:00
CVE-2015-3791
2015-08-16 23:00:00
nvd
nvd
CVE-2015-3791
2015-08-17 00:00:04
CVE-2015-5751
2015-08-17 00:00:31
CVE-2015-3765
2015-08-16 23:59:38
talos
talos
Apple Quicktime Invalid URL Atom Size Denial of Service Vulnerability
2015-08-13 00:00:00
Apple Quicktime tkhd Atom Matrix Corruption Denial of Service Vulnerability
2015-07-20 00:00:00
Apple Quicktime Invalid 3GPP stsd Sample Description Entry Size Denial of Service Vulnerability
2015-08-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple Quicktime Remote Code Execution (CVE-2015-3788)
2021-04-21 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.573 Medium

EPSS

Percentile

97.7%

JSON
Related for KLA10653
securityvulns4openvas2nessus5threatpost1cve12prion12cvelist12nvd12talos6checkpoint_advisories1