| VID |
28156 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of QuickTime Player which is older than 7.1.3 has been installed on the host. Apple's QuickTime Player is a player that allow users to view local and remote multimedia content. QuickTime Player versions prior to 7.1.3 could allow a remote attacker to execute arbitrary code, caused by multiple buffer overflow vulnerabilities. By convincing a user to execute a specially crafted QuickTime file (SGI or FlashPix image, or QuickTime, FLIC or H.264 movie), an attacker could cause QuickTime to crash or potentially execute arbitrary code.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://docs.info.apple.com/article.html?artnum=304357
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049419.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049442.html
http://www.us-cert.gov/cas/techalerts/TA06-256A.html
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=413
http://www.kb.cert.org/vuls/id/540348
http://www.kb.cert.org/vuls/id/683700
http://www.kb.cert.org/vuls/id/200316
http://www.kb.cert.org/vuls/id/308204
http://www.kb.cert.org/vuls/id/489836
* Platforms Affected:
Apple Computer, Inc., QuickTime Player versions prior to 7.1.3 (for Windows)
Apple Computer, Inc., Mac OS 10.3.9 and later
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of QuickTime Player (7.1.3 or later), available from the Apple Web site at http://www.apple.com/quicktime/ |
| Related URL |
CVE-2006-4381,CVE-2006-4382,CVE-2006-4384,CVE-2006-4385,CVE-2006-4386,CVE-2006-4388,CVE-2006-4389 (CVE) |
| Related URL |
19976 (SecurityFocus) |
| Related URL |
28928,28929,28930,28932,28934,28935,28938 (ISS) |
|
