CVE-2011-0186

QuickTime < 7.7.0 - Remote Code Execution via Crafted JPEG2000 Image

Title source: llm
STIX 2.1

Description

QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.

References (3)

Core 3
Core References
Mailing List, Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html
Patch, Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
Patch, Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4581

Scores

EPSS 0.0261
EPSS Percentile 83.6%

Details

CWE
CWE-787
Status published
Products (2)
apple/mac_os_x < 10.6.7
apple/quicktime < 7.7.0
Published Mar 23, 2011
Tracked Since Feb 18, 2026