QuickTime < 7.7 Multiple Vulnerabilities (Mac OS X)

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mac OS X host contains an application that may be affected by
multiple vulnerabilities.

Description :

The version of QuickTime installed on the remote Mac OS X host is
older than 7.7. As such, it reportedly may be affected by the
following vulnerabilities :

- A buffer overflow in QuickTime's handling of pict files
may lead to an application crash or arbitrary code
execution. (CVE-2011-0245)

- A buffer overflow in QuickTime's handling of JPEG2000
files may lead to an application crash or arbitrary
code execution. (CVE-2011-0186)

- A cross-origin issue in QuickTime plug-in's handling of
cross-site redirects may lead to disclosure of video
data from another site. (CVE-2011-0187)

- An integer overflow in QuickTime's handling of RIFF WAV
files may lead to an application crash or arbitrary
code execution. (CVE-2011-0209)

- A memory corruption issue in QuickTime's handling of
sample tables in QuickTime movie files may lead to an
application crash or arbitrary code execution.
(CVE-2011-0210)

- An integer overflow in QuickTime's handling of audio
channels in movie files may lead to an application
crash or arbitrary code execution. (CVE-2011-0211)

- A buffer overflow in QuickTime's handling of JPEG files
may lead to an application crash or arbitrary code
execution. (CVE-2011-0213)

- A heap-based buffer overflow in QuickTime's handling of
STSC atoms in QuickTime movie files may lead to an
application crash or arbitrary code execution.
(CVE-2011-0249)

- A heap-based buffer overflow in QuickTime's handling of
STSS atoms in QuickTime movie files may lead to an
application crash or arbitrary code execution.
(CVE-2011-0250)

- A heap-based buffer overflow in QuickTime's handling of
STSZ atoms in QuickTime movie files may lead to an
application crash or arbitrary code execution.
(CVE-2011-0251)

- A heap-based buffer overflow in QuickTime's handling of
STTS atoms in QuickTime movie files may lead to an
application crash or arbitrary code execution.
(CVE-2011-0252)

- A stack-based buffer overflow in QuickTime's handling of
PICT files may lead to an application crash or arbitrary
code execution. (CVE-2011-0257)

- An integer overflow in QuickTime's handling of track run
atoms in QuickTime movie files may lead to an
application crash or arbitrary code execution.
(CVE-2011-0256)

See also :

http://www.zerodayinitiative.com/advisories/ZDI-11-254/
http://www.zerodayinitiative.com/advisories/ZDI-11-257/
http://www.zerodayinitiative.com/advisories/ZDI-11-258/
http://www.zerodayinitiative.com/advisories/ZDI-11-259/
http://support.apple.com/kb/HT4826
http://lists.apple.com/archives/security-announce/2011/Aug/msg00000.html

Solution :

Upgrade to QuickTime 7.7 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true