| CVE ID | CVE-2015-3663 |
| CVSS SCORE | 6.8, AV:N/AC:M/Au:N/C:P/I:P/A:P |
| AFFECTED VENDORS |
Apple |
| AFFECTED PRODUCTS |
QuickTime |
| VULNERABILITY DETAILS |
The specific flaw exists within the handling of GIF images. By providing a GIF with a malformed image descriptor, an attacker can write data outside the bounds of the data structure. An attacker could leverage this to execute arbitrary code in the context of the QuickTime process. |
| ADDITIONAL DETAILS |
Apple has issued an update to correct this vulnerability. More details can be found at:
http://support.apple.com/kb/HT201222 |
| DISCLOSURE TIMELINE |
|
| CREDIT | kdot |
