Sign-up

ID

VAR-201507-0433


CVE

CVE-2015-3669


TITLE

Apple QuickTime of QT Media Foundation Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2015-003391

DESCRIPTION

QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3664 and CVE-2015-3665. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of SGI Image Files. By providing a malformed file, an attacker can overflow a fixed sized region of the heap. This could allow an attacker to execute arbitrary code under the context of the current process. Versions prior to QuickTime 7.7.7 are vulnerable on Windows 7 and Vista. Apple QuickTime is a multimedia playback software developed by Apple (Apple). The software is capable of handling multiple sources such as digital video, media segments, and more. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3661 : G. Geshev working with HP's Zero Day Initiative CVE-2015-3662 : kdot working with HP's Zero Day Initiative CVE-2015-3663 : kdot working with HP's Zero Day Initiative CVE-2015-3664 : Andrea Micalizzi (rgod) working with HP's Zero Day Initiative CVE-2015-3665 : WanderingGlitch of HP's Zero Day Initiative CVE-2015-3666 : Steven Seeley of Source Incite working with HP's Zero Day Initiative CVE-2015-3667 : Ryan Pentney, Richard Johnson of Cisco Talos and Kai Lu of Fortinet's FortiGuard Labs CVE-2015-3668 : Kai Lu of Fortinet's FortiGuard Labs CVE-2015-3669 : kdot working with HP's Zero Day Initiative QuickTime 7.7.7 may be obtained from the QuickTime Downloads site: http://www.apple.com/quicktime/download/ You may also update to the latest version of QuickTime via Apple Software Update, which can be found in the Start menu. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJVkxVvAAoJEBcWfLTuOo7tuGoP/3oURL1tC5dv/+ZDKV/nI9Ug WOJoeVUIT662wG7JLEEnhS94VAlChogFcgXNIrms72ApocBMxj81NIsjIjJPqmbg 3UgOHVcA7xYCUTvm5Q3Cj4zZRJ14J47GLu3On1bLtpFPcQRsAyeMIwtbawt6vYoB qiQ7rYvtT02/SBXor0RojmIuo4kMZz2twpjZHGf5aOu/0CzuzA/TPJ1FRALWmvGx rIy4bS0QPqbzg7A/TT+1X9e7pCdY/Hmn3GMFBk3cX0cLfQN8XHxMU/JJ8ja7vbl4 LfB9xuy6CJL9S1w6W/U5/4WVb5k5AXb9mF1KsfxffBGZnOqLxMGWlbr9holSBRfh /BRbaLhNG9DQ9DMO9i7sjdFs3uVM9U3M0G/0TPed2+S8WBOgac+x9OCpM3u9aOjP 3nWiA4WDsurl8DFdZwt5mAi+OoocYQARS4g+JghVkBZ982MXGeisamqyec3BQVzs i75lzDBPp6pW+TJj0GlEFTa2qf/n3YsL5au6RubFHb62qNq7SmmNj0GmBVddZIDd I3TZ72sqievGv0UMMzYhIWeZCUJmSpsr2tJ9pkdH8SkmsEClGJHtwOscevQIhqPz WfhRPgPmGE/0QBtDHRciVWxJ9jfH4AG79+69FqEE1QIew/+/hZcK0IJyttqOVli7 3l2PXTYo9ZOODysgzAFn =Srvg -----END PGP SIGNATURE-----

Trust: 2.7

sources: NVD: CVE-2015-3669 // JVNDB: JVNDB-2015-003391 // ZDI: ZDI-15-292 // BID: 75497 // VULHUB: VHN-81630 // PACKETSTORM: 132528

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.10.3

Trust: 1.0

vendor:applemodel:quicktimescope:lteversion:7.7.6

Trust: 1.0

vendor:applemodel:quicktimescope:ltversion:7.7.7 (windows 7)

Trust: 0.8

vendor:applemodel:quicktimescope:ltversion:7.7.7 (windows vista)

Trust: 0.8

vendor:applemodel:quicktimescope: - version: -

Trust: 0.7

vendor:applemodel:mac os xscope:eqversion:10.10.3

Trust: 0.6

vendor:applemodel:quicktimescope:eqversion:7.7.6

Trust: 0.6

vendor:applemodel:quicktimescope:eqversion:7.6

Trust: 0.3

vendor:applemodel:quicktimescope:eqversion:7.3.4

Trust: 0.3

vendor:applemodel:quicktimescope:eqversion:7.2

Trust: 0.3

vendor:applemodel:quicktimescope:eqversion:7

Trust: 0.3

sources: ZDI: ZDI-15-292 // BID: 75497 // JVNDB: JVNDB-2015-003391 // CNNVD: CNNVD-201507-031 // NVD: CVE-2015-3669

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-3669
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-3669
value: MEDIUM

Trust: 0.8

ZDI: CVE-2015-3669
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-201507-031
value: MEDIUM

Trust: 0.6

VULHUB: VHN-81630
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-3669
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.5

VULHUB: VHN-81630
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: ZDI: ZDI-15-292 // VULHUB: VHN-81630 // JVNDB: JVNDB-2015-003391 // CNNVD: CNNVD-201507-031 // NVD: CVE-2015-3669

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-81630 // JVNDB: JVNDB-2015-003391 // NVD: CVE-2015-3669

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201507-031

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201507-031

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-003391

PATCH
title:APPLE-SA-2015-06-30-5 QuickTime 7.7.7url:http://lists.apple.com/archives/security-announce/2015/Jun/msg00005.html
Trust: 0.8
title:HT204947url:http://support.apple.com/en-us/HT204947
Trust: 0.8
title:HT204947url:http://support.apple.com/ja-jp/HT204947
Trust: 0.8
title:Apple has issued an update to correct this vulnerability.url:http://support.apple.com/kb/HT1222
Trust: 0.7
title:quicktime7.7.7_installerurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56517
Trust: 0.6
title:osxupd10.10.4url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56516
Trust: 0.6
title:iPhone7,1_8.4_12H143_Restoreurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56515
Trust: 0.6
sources:
            
            
            ZDI: ZDI-15-292 // 
            
            
            
            JVNDB: JVNDB-2015-003391 // 
            
            
            
            CNNVD: CNNVD-201507-031

EXTERNAL IDS
db:NVDid:CVE-2015-3669
Trust: 3.6
db:BIDid:75497
Trust: 1.4
db:SECTRACKid:1032756
Trust: 1.1
db:JVNDBid:JVNDB-2015-003391
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-2948
Trust: 0.7
db:ZDIid:ZDI-15-292
Trust: 0.7
db:CNNVDid:CNNVD-201507-031
Trust: 0.7
db:VULHUBid:VHN-81630
Trust: 0.1
db:PACKETSTORMid:132528
Trust: 0.1
sources:
            
            
            ZDI: ZDI-15-292 // 
            
            
            
            VULHUB: VHN-81630 // 
            
            
            
            BID: 75497 // 
            
            
            
            JVNDB: JVNDB-2015-003391 // 
            
            
            
            PACKETSTORM: 132528 // 
            
            
            
            CNNVD: CNNVD-201507-031 // 
            
            
            
            NVD: CVE-2015-3669

REFERENCES
url:http://lists.apple.com/archives/security-announce/2015/jun/msg00005.html
Trust: 1.7
url:http://support.apple.com/kb/ht204947
Trust: 1.7
url:http://www.securityfocus.com/bid/75497
Trust: 1.1
url:http://www.securitytracker.com/id/1032756
Trust: 1.1
url:http://support.apple.com/kb/ht1222
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3669
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3669
Trust: 0.8
url:http://www.apple.com/quicktime/
Trust: 0.3
url:http://www.apple.com/quicktime/download/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3661
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3662
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3666
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3663
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3665
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3668
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3669
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3664
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3667
Trust: 0.1
sources:
            
            
            ZDI: ZDI-15-292 // 
            
            
            
            VULHUB: VHN-81630 // 
            
            
            
            BID: 75497 // 
            
            
            
            JVNDB: JVNDB-2015-003391 // 
            
            
            
            PACKETSTORM: 132528 // 
            
            
            
            CNNVD: CNNVD-201507-031 // 
            
            
            
            NVD: CVE-2015-3669

CREDITS
kdot
Trust: 0.7
sources:
            
            
            ZDI: ZDI-15-292

SOURCES
db:ZDIid:ZDI-15-292
db:VULHUBid:VHN-81630
db:BIDid:75497
db:JVNDBid:JVNDB-2015-003391
db:PACKETSTORMid:132528
db:CNNVDid:CNNVD-201507-031
db:NVDid:CVE-2015-3669

LAST UPDATE DATE
2025-04-13T20:46:20.318000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-15-292date:2015-07-01T00:00:00
db:VULHUBid:VHN-81630date:2016-12-28T00:00:00
db:BIDid:75497date:2015-07-15T00:52:00
db:JVNDBid:JVNDB-2015-003391date:2015-07-07T00:00:00
db:CNNVDid:CNNVD-201507-031date:2015-07-10T00:00:00
db:NVDid:CVE-2015-3669date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:ZDIid:ZDI-15-292date:2015-07-01T00:00:00
db:VULHUBid:VHN-81630date:2015-07-03T00:00:00
db:BIDid:75497date:2015-06-30T00:00:00
db:JVNDBid:JVNDB-2015-003391date:2015-07-07T00:00:00
db:PACKETSTORMid:132528date:2015-07-02T11:11:11
db:CNNVDid:CNNVD-201507-031date:2015-07-03T00:00:00
db:NVDid:CVE-2015-3669date:2015-07-03T01:59:27.573