VID |
50010 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
A version of QuickTime older than 7.7.1 is installed on the host. QuickTime versions prior to 7.7.1 are affected by multiple vulnerabilities:
- A cross-site scripting issue exists in HTML files generated by the 'Save for Web' export feature. (CVE-2011-3218)
- A buffer overflow error exists in the handling of H.264 encoded video files. (CVE-2011-3219)
- An error exists in the processing of URL data handlers in movie files and can allow access to uninitialized areas of memory. (CVE-2011-3220)
- An error exists in the handling of the 'atoms' hierarchy as well as 'TKHD atoms' in movie files. (CVE-2011-3221, CVE-2011-3251)
- Buffer overflow errors exist in the processing of FlashPix, FLIC, PICT and FLC-encoded files. (CVE-2011-3222, CVE-2011-3223, CVE-2011-3247, CVE-2011-3249)
- An unspecified error can allow memory corruption when viewing certain video files. (CVE-2011-3228)
- An error related to signedness exists in the handling of font tables in QuickTime video files. (CVE-2011-3248)
- An integer overflow error exists in the handling of JPEG2000 encoded video files. (CVE-2011-3250)
* Note: This check requires an account with administrative privileges that can log in to the host being scanned. Without such an account the check is not performed, which results in a false negative for all vulnerable hosts.
* References:
  - http://www.zerodayinitiative.com/advisories/ZDI-11-295/
  - http://www.zerodayinitiative.com/advisories/ZDI-11-303/
  - http://www.zerodayinitiative.com/advisories/ZDI-11-311/
  - http://www.zerodayinitiative.com/advisories/ZDI-11-312/
  - http://www.zerodayinitiative.com/advisories/ZDI-11-313/
  - http://www.zerodayinitiative.com/advisories/ZDI-11-314/
  - http://www.zerodayinitiative.com/advisories/ZDI-11-315/
  - http://www.zerodayinitiative.com/advisories/ZDI-11-316/
  - http://support.apple.com/kb/HT5016
* Platforms Affected:
  - QuickTime versions prior to 7.7.1
  - Microsoft Windows Any version |
Recommendation |
Upgrade to the latest version of QuickTime Player (7.7.1 or later), available from the Apple Web site at http://www.apple.com/quicktime/ |
Related URL |
CVE-2011-3218,CVE-2011-3219,CVE-2011-3220,CVE-2011-3221,CVE-2011-3222,CVE-2011-3223,CVE-2011-3228,CVE-2011-3247,CVE-2011-3248 (CVE) |
Related URL |
50068,50100,50101,50122,50127,50130,50131,50399,50400,50401,50403,50404 (SecurityFocus) |
Related URL |
(ISS) |
|