QuickTime < 7.0.3 Multiple Vulnerabilities (Windows)

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.


Synopsis :

The remote version of QuickTime may allow an attacker to execute
arbitrary code on the remote host.

Description :

The remote Windows host is running a version of QuickTime that is
older than QuickTime 7.0.3.

The remote version of this software is reportedly vulnerable to
various buffer overflows that may allow an attacker to execute
arbitrary code on the remote host by sending a malformed file to a
victim and have him open it using QuickTime player.

See also :

http://docs.info.apple.com/article.html?artnum=302772

Solution :

Upgrade to QuickTime 7.0.3 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 20136 ()

Bugtraq ID: 15306
15307
15308
15309

CVE ID: CVE-2005-2753
CVE-2005-2754
CVE-2005-2755
CVE-2005-2756

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now