What is CVE-2015-3789?

CVE-2015-3789 is a vulnerability in Apple Mac_os_x, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2015-08-17.

Is CVE-2015-3789 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Apple Mac_os_x

CVE-2015-3789

QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-37…

Vulnerability class: Buffer Overflow

EPSS: 0.032 (87.4th percentile) — read the EPSS interpretation.

Affected products

Apple Mac_os_x
Apple Quicktime — versions 7.0.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

product-security@apple.com (x_refsource_CONFIRM, Vendor Advisory)
76340 (vdb-entry, x_refsource_BID)
APPLE-SA-2015-08-13-2 (vendor-advisory, x_refsource_APPLE, Vendor Advisory)
APPLE-SA-2015-08-20-1 (vendor-advisory, x_refsource_APPLE, Patch, Vendor Advisory)
product-security@apple.com (x_refsource_CONFIRM, Vendor Advisory)
1033276 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2015-3789?: CVE-2015-3789 is a vulnerability in Apple Mac_os_x, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2015-08-17.
Is CVE-2015-3789 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.