Quicktime Multiple Integer Overflows

High Log Correlation Engine Plugin ID 801200

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running an older version of Quicktime player for Microsoft Windows. This version is vulnerable to a remote overflow. A remote attacker exploiting this flaw would need to create a malicious Quicktime file and entice the user to play it. A successful exploit would allow the attacker to execute random code within the context of the local machine. Additionally, there is a similar flaw within the Quicktime library that displays JPEG files. An attacker exploiting this second flaw would need to be able to convince a user into viewing a malicious JPEG file within the Quicktime viewer. Successful exploitation would result in arbitrary code being executed on the victim system.

Solution

Upgrade or patch according to vendor recommendations.

Plugin Details

Severity: High

ID: 801200

File Name: 801200.prm

Family: Web Clients

Nessus ID: 17637

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Reference Information

CVE: CVE-2005-0903, CVE-2004-0431, CVE-2004-0988

BID: 11553, 12905