VAR-201601-0143
Vulnerability from variot - Updated: 2025-04-13 23:03Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. Apple QuickTime is prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service conditions. Versions prior to Apple QuickTime 7.7.9 are vulnerable. The software is capable of handling multiple sources such as digital video, media segments, and more. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-01-07-1 QuickTime 7.7.9
[Re-sending with a valid signature]
QuickTime 7.7.9 is now available and addresses the following:
QuickTime Available for: Windows 7 and Windows Vista Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7085 : an anonymous researcher CVE-2015-7086 : an anonymous researcher CVE-2015-7087 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-7088 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-7089 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-7090 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-7091 : Pedro Ribeiro (pedrib@gmail.com) of Agile Information Security CVE-2015-7092 : Jaanus Kp Clarified Security working with HP's Zero Day Initiative CVE-2015-7117 : Ryan Pentney and Richard Johnson of Cisco Talos
-----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJWjxMiAAoJEBcWfLTuOo7t16wP/RNhjITSBZmBDZP61IOjKARD 5v69y+LkXLDNPlUkpB15Qjq3HDvZnFDwl3RSlZgAlQDO/GSqqWBnhsAEdO+5AAR1 LZqlVdERGHeeyfpuQ85waxf18O1dbg+R6SwM74SYRBXPujGQk9yT326I0X/EdXON 8upmGfzv8HvPsg712ei5YK8bumxsCh/LqM6TpA6oMF/bltaIbZ/OO3LNovZn9GQc 9taWVwP707FIjnJ7yKHzHnp6fH+79tqi5Dl0uZ7D446c7+B5ehPE7aUd29XqFrpE tgJzSDu2ZuVIz9RpC8Np+Bn8CSKqD6Kao7M5x4CVLWmpIYUpGKTIItUhvtXJ1jFY CyXXgse54w2ZG6hWE2gTmIvyn4/qVaSi8vlguEuk6IvA6kZeLdrc097OMPMPHlN/ I8T2A04Oj6rUsllf2uZih42nwve6CYpC9mh9/HLz0O+m0ue/L9HwIoto87OCmfi3 2RwyAoBLjMZUoOMLr9DjlQglQnTnNY8LjjZKRr9ug5V/tN8F051NeILDDj2vSf0q PI5JHoBD2LnJcxU+XI1JM/9amCYwBHjd94fcSp7H9BkdIzYshW4Deooc58EnjxVv 5hlwMIqqk2m911TsOjNpkVuysABoIB8hX3el3py4V+3sLoM5cVYa+FNS7+FGzG47 UJ/4c68fdMRAbGx4KfoW =ERtQ -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0143",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "quicktime",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "quicktime",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.7.9 (windows 7/windows vista)"
},
{
"model": "quicktime",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.2"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.6"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.5"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.5.5"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4.5"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.6"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.5"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.4"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.3"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.5.2"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.5.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.5"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.6"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.5"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.4"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"model": "quicktime player",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
}
],
"sources": [
{
"db": "BID",
"id": "80020"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006713"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-161"
},
{
"db": "NVD",
"id": "CVE-2015-7090"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:quicktime",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006713"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ryan Pentney and Richard Johnson of Cisco Talos, Pedro Ribeiroof Agile Information\nSecurity, Jaanus Kp Clarified Security working with HP\u0027s Zero Day Initiative and an anonymous researcher",
"sources": [
{
"db": "BID",
"id": "80020"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7090",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7090",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85051",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"id": "CVE-2015-7090",
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7090",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7090",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-161",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85051",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85051"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006713"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-161"
},
{
"db": "NVD",
"id": "CVE-2015-7090"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. Apple QuickTime is prone to multiple memory-corruption vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service conditions. \nVersions prior to Apple QuickTime 7.7.9 are vulnerable. The software is capable of handling multiple sources such as digital video, media segments, and more. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-01-07-1 QuickTime 7.7.9\n\n[Re-sending with a valid signature]\n\nQuickTime 7.7.9 is now available and addresses the following:\n\nQuickTime\nAvailable for: Windows 7 and Windows Vista\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in QuickTime. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-7085 : an anonymous researcher\nCVE-2015-7086 : an anonymous researcher\nCVE-2015-7087 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-7088 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-7089 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-7090 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-7091 : Pedro Ribeiro (pedrib@gmail.com) of Agile Information\nSecurity\nCVE-2015-7092 : Jaanus Kp Clarified Security working with HP\u0027s Zero\nDay Initiative\nCVE-2015-7117 : Ryan Pentney and Richard Johnson of Cisco Talos\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJWjxMiAAoJEBcWfLTuOo7t16wP/RNhjITSBZmBDZP61IOjKARD\n5v69y+LkXLDNPlUkpB15Qjq3HDvZnFDwl3RSlZgAlQDO/GSqqWBnhsAEdO+5AAR1\nLZqlVdERGHeeyfpuQ85waxf18O1dbg+R6SwM74SYRBXPujGQk9yT326I0X/EdXON\n8upmGfzv8HvPsg712ei5YK8bumxsCh/LqM6TpA6oMF/bltaIbZ/OO3LNovZn9GQc\n9taWVwP707FIjnJ7yKHzHnp6fH+79tqi5Dl0uZ7D446c7+B5ehPE7aUd29XqFrpE\ntgJzSDu2ZuVIz9RpC8Np+Bn8CSKqD6Kao7M5x4CVLWmpIYUpGKTIItUhvtXJ1jFY\nCyXXgse54w2ZG6hWE2gTmIvyn4/qVaSi8vlguEuk6IvA6kZeLdrc097OMPMPHlN/\nI8T2A04Oj6rUsllf2uZih42nwve6CYpC9mh9/HLz0O+m0ue/L9HwIoto87OCmfi3\n2RwyAoBLjMZUoOMLr9DjlQglQnTnNY8LjjZKRr9ug5V/tN8F051NeILDDj2vSf0q\nPI5JHoBD2LnJcxU+XI1JM/9amCYwBHjd94fcSp7H9BkdIzYshW4Deooc58EnjxVv\n5hlwMIqqk2m911TsOjNpkVuysABoIB8hX3el3py4V+3sLoM5cVYa+FNS7+FGzG47\nUJ/4c68fdMRAbGx4KfoW\n=ERtQ\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7090"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006713"
},
{
"db": "BID",
"id": "80020"
},
{
"db": "VULHUB",
"id": "VHN-85051"
},
{
"db": "PACKETSTORM",
"id": "135183"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7090",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1034610",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006713",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-161",
"trust": 0.7
},
{
"db": "BID",
"id": "80020",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85051",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135183",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85051"
},
{
"db": "BID",
"id": "80020"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006713"
},
{
"db": "PACKETSTORM",
"id": "135183"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-161"
},
{
"db": "NVD",
"id": "CVE-2015-7090"
}
]
},
"id": "VAR-201601-0143",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85051"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:03:24.764000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT201222"
},
{
"title": "APPLE-SA-2016-01-07-1 QuickTime 7.7.9",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html"
},
{
"title": "HT205638",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205638"
},
{
"title": "HT205638",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205638"
},
{
"title": "Apple QuickTime Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59515"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006713"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-161"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85051"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006713"
},
{
"db": "NVD",
"id": "CVE-2015-7090"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2016/jan/msg00000.html"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht205638"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034610"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7090"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7090"
},
{
"trust": 0.3,
"url": "http://www.apple.com/quicktime/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7087"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7092"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7089"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7117"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7088"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7085"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85051"
},
{
"db": "BID",
"id": "80020"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006713"
},
{
"db": "PACKETSTORM",
"id": "135183"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-161"
},
{
"db": "NVD",
"id": "CVE-2015-7090"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-85051"
},
{
"db": "BID",
"id": "80020"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006713"
},
{
"db": "PACKETSTORM",
"id": "135183"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-161"
},
{
"db": "NVD",
"id": "CVE-2015-7090"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-09T00:00:00",
"db": "VULHUB",
"id": "VHN-85051"
},
{
"date": "2016-01-07T00:00:00",
"db": "BID",
"id": "80020"
},
{
"date": "2016-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006713"
},
{
"date": "2016-01-08T15:15:28",
"db": "PACKETSTORM",
"id": "135183"
},
{
"date": "2016-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-161"
},
{
"date": "2016-01-09T02:59:06.923000",
"db": "NVD",
"id": "CVE-2015-7090"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-85051"
},
{
"date": "2016-02-02T20:26:00",
"db": "BID",
"id": "80020"
},
{
"date": "2016-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006713"
},
{
"date": "2016-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-161"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7090"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-161"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple QuickTime Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006713"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-161"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…