QuickTime < 7.7.4 Multiple Vulnerabilities (Windows)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that may be affected
by multiple vulnerabilities.

Description :

The version of QuickTime installed on the remote Windows host is older
than 7.7.4. It is, therefore, reportedly affected by the following
vulnerabilities :

- Buffer overflow vulnerabilities exist in the handling of
'dref' atoms, 'enof' atoms, 'mvhd' atoms, FPX files, MP3
files, H.263 and H.264 encoded movie files, Sorenson
encoded movie files, and JPEG encoded data.
(CVE-2013-0986, CVE-2013-0988, CVE-2013-0989,
CVE-2013-1016, CVE-2013-1017, CVE-2013-1018,
CVE-2013-1019, CVE-2013-1021, CVE-2013-1022)

- Memory corruption vulnerabilities exist in the handling
of QTIF files, TeXML files, and JPEG encoded data.
(CVE-2013-0987, CVE-2013-1015, CVE-2013-1020)

Successful exploitation of these issues could result in program
termination or arbitrary code execution, subject to the user's
privileges.

See also :

http://www.zerodayinitiative.com/advisories/ZDI-13-110/
http://www.zerodayinitiative.com/advisories/ZDI-13-111/
http://www.zerodayinitiative.com/advisories/ZDI-13-112/
http://www.zerodayinitiative.com/advisories/ZDI-13-113/
http://www.zerodayinitiative.com/advisories/ZDI-13-114/
http://www.zerodayinitiative.com/advisories/ZDI-13-115/
http://www.zerodayinitiative.com/advisories/ZDI-13-116/
http://www.zerodayinitiative.com/advisories/ZDI-13-117/
http://www.zerodayinitiative.com/advisories/ZDI-13-118/
http://www.zerodayinitiative.com/advisories/ZDI-13-119/
http://support.apple.com/kb/HT5770
http://lists.apple.com/archives/security-announce/2013/May/msg00001.html
http://www.securityfocus.com/archive/1/526669/30/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-13-080/
http://www.zerodayinitiative.com/advisories/ZDI-13-110/

Solution :

Upgrade to QuickTime 7.7.4 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now