|
|
Family: MacOS X Local Security Checks --> Category: infos
Quicktime < 7.1 (Mac OS X) Vulnerability Scan
Vulnerability Scan Summary
Checks version of Quicktime on Mac OS X
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote version of QuickTime is affected by multiple overflow
vulnerabilities.
Description :
The remote Mac OS X host is running a version of Quicktime prior to
7.1.
The remote version of Quicktime is vulnerable to various integer and
buffer overflows involving specially-crafted image and media files.
A possible hacker may be able to leverage these issues to execute arbitrary
code on the remote host by sending a malformed file to a victim and
having him open it using QuickTime player.
See also :
http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045979.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045981.html
http://docs.info.apple.com/article.html?artnum=303752
Solution :
Upgrade to Quicktime version 7.1 or later.
Threat Level:
High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
