QuickTime < 7.7 Multiple Vulnerabilities (Mac OS X)

high Nessus Plugin ID 55763

Synopsis

The remote Mac OS X host contains an application that may be affected by multiple vulnerabilities.

Description

The version of QuickTime installed on the remote Mac OS X host is older than 7.7. As such, it reportedly may be affected by the following vulnerabilities:

- A buffer overflow in QuickTime's handling of PICT files may lead to an application crash or arbitrary code execution. (CVE-2011-0245)

- A buffer overflow in QuickTime's handling of JPEG2000 files may lead to an application crash or arbitrary code execution. (CVE-2011-0186)

- A cross-origin issue in the QuickTime plug-in's handling of cross-site redirects may lead to disclosure of video data from another site. (CVE-2011-0187)

- An integer overflow in QuickTime's handling of RIFF WAV files may lead to an application crash or arbitrary code execution. (CVE-2011-0209)

- A memory corruption issue in QuickTime's handling of sample tables in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0210)

- An integer overflow in QuickTime's handling of audio channels in movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0211)

- A buffer overflow in QuickTime's handling of JPEG files may lead to an application crash or arbitrary code execution. (CVE-2011-0213)

- A heap-based buffer overflow in QuickTime's handling of STSC atoms in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0249)

- A heap-based buffer overflow in QuickTime's handling of STSS atoms in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0250)

- A heap-based buffer overflow in QuickTime's handling of STSZ atoms in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0251)

- A heap-based buffer overflow in QuickTime's handling of STTS atoms in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0252)

- A stack-based buffer overflow in QuickTime's handling of PICT files may lead to an application crash or arbitrary code execution. (CVE-2011-0257)

- An integer overflow in QuickTime's handling of track run atoms in QuickTime movie files may lead to an application crash or arbitrary code execution. (CVE-2011-0256)

Solution

Upgrade to QuickTime 7.7 or later.

See Also

http://www.zerodayinitiative.com/advisories/ZDI-11-254/

http://www.zerodayinitiative.com/advisories/ZDI-11-257/

http://www.zerodayinitiative.com/advisories/ZDI-11-258/

http://www.zerodayinitiative.com/advisories/ZDI-11-259/

http://support.apple.com/kb/HT4826

http://lists.apple.com/archives/security-announce/2011/Aug/msg00000.html

Plugin Details

Severity: High

ID: 55763

File Name: macosx_Quicktime77.nasl

Version: 1.19

Type: local

Agent: macosx

Published: 8/4/2011

Updated: 7/14/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:apple:quicktime

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, MacOSX/QuickTime/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/3/2011

Vulnerability Publication Date: 6/23/2011

Exploitable With

CANVAS (White_Phosphorus)

Core Impact

Metasploit (Apple QuickTime PICT PnSize Buffer Overflow)

Reference Information

CVE: CVE-2011-0186, CVE-2011-0187, CVE-2011-0209, CVE-2011-0210, CVE-2011-0211, CVE-2011-0213, CVE-2011-0245, CVE-2011-0249, CVE-2011-0250, CVE-2011-0251, CVE-2011-0252, CVE-2011-0256, CVE-2011-0257

BID: 46992, 46995, 48419, 48420, 48430, 48442, 49028, 49034, 49035, 49036, 49038, 49144, 49170