Korean

<< Back VID 28127 Severity 40 Port 139,445 Protocol TCP Class SMB Detailed Description A version of QuickTime Player which is older than 7.0.4 is detected as installed on the host. Apple's QuickTime Player is a player that allow users to view local and remote multimedia content. QuickTime Player versions prior to 7.0.4 could allow a remote attacker to execute arbitrary code, caused by multiple buffer overflow vulnerabilities. By convincing a user to execute a specially crafted QuickTime file (.mov, QTIF, TGA, TIFF or GIF image), an attacker could cause QuickTime to crash or potentially execute arbitrary code. * Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts. * References: http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041289.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041290.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041291.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041292.html http://www.cirt.dk/advisories/cirt-41-advisory.pdf http://lists.apple.com/archives/security-announce/2006/Jan/msg00001.html http://docs.info.apple.com/article.html?artnum=303101 http://www.frsirt.com/english/advisories/2005/3012 http://www.security-protocols.com/advisory/sp-x21-advisory.txt http://secunia.com/advisories/18370/ http://secunia.com/advisories/18149 * Platforms Affected: Apple Computer, Inc., QuickTime Player versions prior to 7.0.4 (for Windows) Apple Computer, Inc., Mac OS 10.x Microsoft Windows Any version Recommendation Upgrade to the latest version of QuickTime Player (7.0.4 or later), available from the Apple Web site at http://www.apple.com/quicktime/ Related URL CVE-2005-2340,CVE-2005-3707,CVE-2005-3708,CVE-2005-3709,CVE-2005-3710,CVE-2005-3711,CVE-2005-3713,CVE-2005-4092 (CVE) Related URL 16202 (SecurityFocus) Related URL (ISS)