This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Windows host contains an application that may be affected
by multiple vulnerabilities.
The version of QuickTime installed on the remote Windows host is older
than 7.7.4. It is, therefore, reportedly affected by the following
- Buffer overflow vulnerabilities exist in the handling of
'dref' atoms, 'enof' atoms, 'mvhd' atoms, FPX files, MP3
files, H.263 and H.264 encoded movie files, Sorenson
encoded movie files, and JPEG encoded data.
(CVE-2013-0986, CVE-2013-0988, CVE-2013-0989,
CVE-2013-1016, CVE-2013-1017, CVE-2013-1018,
CVE-2013-1019, CVE-2013-1021, CVE-2013-1022)
- Memory corruption vulnerabilities exist in the handling
of QTIF files, TeXML files, and JPEG encoded data.
(CVE-2013-0987, CVE-2013-1015, CVE-2013-1020)
Successful exploitation of these issues could result in program
termination or arbitrary code execution, subject to the user's
See also :
Upgrade to QuickTime 7.7.4 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true
Nessus Plugin ID: 66636 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now