QuickTime < 7.6.8 Multiple Vulnerabilities (Windows)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is affected by
two vulnerabilities.

Description :

The version of QuickTime installed on the remote Windows host is
older than 7.6.8. Such versions are reportedly affected by two
vulnerabilities :

- An input validation issue in the QTPlugin.ocx ActiveX
control could allow an attacker to force the application
to jump to a location in memory controlled by the
attacker through the optional '_Marshaled_pUnk'
parameter and in turn to execute remote code under the
context of the user running the web browser.
(CVE-2010-1818)

- QuickTime Picture Viewer uses a fixed path to look for
specific files or libraries, such as 'cfnetwork.dll'
and 'corefoundation.dll', and this path includes
directories that may not be trusted or under user
control. If an attacker places a maliciously crafted
DLL in the same directory as an image file, opening
the image file with QuickTime Picture Viewer will cause
the malicious DLL to be loaded. (CVE-2010-1819)

See also :

http://zerodayinitiative.com/advisories/ZDI-10-168/
http://seclists.org/bugtraq/2010/Aug/372
http://www.nessus.org/u?056a1d24
http://support.apple.com/kb/HT4339
http://lists.apple.com/archives/security-announce/2010/Sep/msg00003.html

Solution :

Upgrade to QuickTime 7.6.8 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 49260 ()

Bugtraq ID: 42774
42841

CVE ID: CVE-2010-1818
CVE-2010-1819

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now