| VID |
28144 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of QuickTime Player which is older than 7.1 has been installed on the host. Apple's QuickTime Player is a player that allow users to view local and remote multimedia content. QuickTime Player versions prior to 7.1 could allow a remote attacker to execute arbitrary code, caused by multiple buffer overflow vulnerabilities. By convincing a user to execute a specially crafted QuickTime file (BMP, PICT, AVI, JPEG or FlashPix image, or QuickTime, Flash, MPEG4 or H.264 movie), an attacker could cause QuickTime to crash or potentially execute arbitrary code.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://docs.info.apple.com/article.html?artnum=303752
http://lists.apple.com/archives/security-announce/2006/May/msg00002.html
http://www.us-cert.gov/cas/techalerts/TA06-132B.html
http://www.frsirt.com/english/advisories/2006/1778
* Platforms Affected:
Apple Computer, Inc., QuickTime Player versions prior to 7.1 (for Windows)
Apple Computer, Inc., Mac OS 10.x
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of QuickTime Player (7.1 or later), available from the Apple Web site at http://www.apple.com/quicktime/ |
| Related URL |
CVE-2006-1454,CVE-2006-1458,CVE-2006-1459,CVE-2006-1460,CVE-2006-1461,CVE-2006-1462,CVE-2006-1463,CVE-2006-1464,CVE-2006-1465,CVE-2006-2238 (CVE) |
| Related URL |
17074,17953 (SecurityFocus) |
| Related URL |
26392,26393,26394,26395,26396,26397,26399,26400,26401,26402 (ISS) |
|
