This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.
The remote Mac OS X host contains an application that is affected by a
buffer overflow vulnerability.
The version of QuickTime installed on the remote Mac OS X host is
older than 7.4.1. Such versions contain a heap buffer overflow in the
application's handling of HTTP responses when RTSP tunneling is
enabled. If an attacker can trick a user to visit a specially crafted
webpage, he may be able to to execute arbitrary code on the remote
host subject to the user's privileges.
See also :
Either use QuickTime's Software Update preference to upgrade to the
latest version or manually upgrade to QuickTime 7.4.1 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 30203 (macosx_Quicktime741.nasl)
Bugtraq ID: 27225
CVE ID: CVE-2008-0234
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.