Quicktime < 6.5.2
Medium Nessus Plugin ID 15573
SynopsisThe remote host is missing a Mac OS X update that fixes a security issue.
DescriptionThe remote Mac OS X host is running a version of Quicktime that is older than Quicktime 6.5.2.
The remote version of this software reportedly fails to check bounds properly when decoding BMP images, leading to a heap overflow.
If a remote attacker can trick a user into opening a maliciously crafted BMP file using the affected application, this issue could be leveraged to execute arbitrary code on the affected host.
SolutionUpgrade to Quicktime 6.5.2 or later.