QuickTime < 7.5 Multiple Vulnerabilities (Mac OS X)

This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mac OS X host contains an application that is affected by
multiple vulnerabilities.

Description :

The version of QuickTime installed on the remote Mac OS X host is
older than 7.5. Such versions contain several vulnerabilities :

- There is a heap-based buffer overflow in QuickTime's
handling of PICT image files that could result in a
program crash or arbitrary code execution
(CVE-2008-1583).

- There is a memory corruption issue in QuickTime's
handling of AAC-encoded media content that could
result in a program crash or arbitrary code execution
(CVE-2008-1582).

- There is a stack-based buffer overflow in QuickTime's
handling of Indeo video codec content that could
result in a program crash or arbitrary code execution
(CVE-2008-1584).

- There is a URL handling issue in QuickTime's handling
of 'file:' URLs that may allow launching of arbitrary
applications (CVE-2008-1585).

See also :

http://support.apple.com/kb/HT1991
http://www.zerodayinitiative.com/advisories/ZDI-08-037
http://www.zerodayinitiative.com/advisories/ZDI-08-038
http://www.securityfocus.com/archive/1/493247/30/0/threaded
http://www.securityfocus.com/archive/1/493248/30/0/threaded
http://lists.apple.com/archives/security-announce/2008/Jun/msg00000.html

Solution :

Either use QuickTime's Software Update preference to upgrade to the
latest version or manually upgrade to QuickTime 7.5 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: MacOS X Local Security Checks

Nessus Plugin ID: 33131 (macosx_Quicktime75.nasl)

Bugtraq ID: 29619, 29648, 29650, 29652, 29654

CVE ID: CVE-2008-1582, CVE-2008-1583, CVE-2008-1584, CVE-2008-1585