| VID |
28038 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of the Quicktime player is vulnerable to a buffer overflow attack.
QuickTime Player is a popular media player for both the Microsoft Windows and Apple Mac platforms. An exploitable buffer overflow condition has been discovered in Apple Computer Inc.'s QuickTime Player, allowing for the remote execution of arbitrary code. This exploit is only possible if the attacker can convince a user to load a specially crafted QuickTime URL. Upon successful exploitation, arbitrary code can be executed under the privileges of the QuickTime user.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.idefense.com/advisory/03.31.03.txt
http://lists.apple.com/mhonarc/security-announce/msg00027.html
http://www.securiteam.com/windowsntfocus/5NP020A9PW.html
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0166.html
* Platforms Affected:
QuickTime Player versions 5.x and 6.0 for the Microsoft Windows platform |
| Recommendation |
Upgrade to the latest version of Quicktime Player (6.1 or later).
QuickTime 6.1 for Windows is available via:
http://www.apple.com/quicktime/download/
-- OR --
"Update Existing Software" menu item in QuickTime Player |
| Related URL |
CVE-2003-0168 (CVE) |
| Related URL |
7247 (SecurityFocus) |
| Related URL |
(ISS) |
|
