QuickTime < 6.1 URL Handling Overflow (Windows)
High Nessus Plugin ID 11506
SynopsisArbitrary code may be run on the remote host.
DescriptionThe remote version of the QuickTime player is vulnerable to a buffer overflow.
To exploit it, an attacker would need a user of this host to visit a rogue webpage with a malformed link in it. He could then be able to execute arbitrary code with the rights of the user visiting the page.
SolutionUpgrade to QuickTime Player version 6.1 or later.