QuickTime < 6.5.1 .mov File sample-to-chunk Table Data Handling Overflow (Windows)

This script is Copyright (C) 2004-2011 Jeff Adams

Synopsis :

The remote Windows host has a media player installed that is affected
by a remote code execution vulnerability.

Description :

The remote host is using QuickTime, a popular media player/Plug-in
that handles many Media files.

This version has a Heap overflow that could allow an attacker
to execute arbitrary code on this host, with the rights of the user
running QuickTime.

See also :


Solution :

Upgrade to QuickTime version 6.5.1 or higher.

Risk factor :

Medium / CVSS Base Score : 5.1
CVSS Temporal Score : 4.2
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 12226 ()

Bugtraq ID: 10257

CVE ID: CVE-2004-0431

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now