PT-2012-4962 · Apple · Ios+3
Will Dormann
·
Published
2012-09-20
·
Updated
2017-08-29
·
CVE-2012-3722
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
QuickTime in Apple Mac OS X versions prior to 10.7.5
CoreMedia in iOS versions prior to 6
Description
The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted movie file with Sorenson encoding. This is due to the Sorenson codec accessing uninitialized memory locations.
Recommendations
For QuickTime in Apple Mac OS X versions prior to 10.7.5, update to version 10.7.5 or later to resolve the issue.
For CoreMedia in iOS versions prior to 6, update to iOS version 6 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Coremedia
Macos X
Apple Quicktime
Ios