Quicktime < 7.1.6 quicktime.util.QTHandleRef toQTPointer Method Arbitrary Code Execution (Mac OS X)
High Nessus Plugin ID 25122
SynopsisThe remote Mac OS X host contains an application that is prone to multiple attacks.
DescriptionAccording to its version, the installation of Quicktime on the remote Mac OS X host which contains a bug which might allow a rogue Java program to write anywhere in the heap.
An attacker may be able to leverage these issues to execute arbitrary code on the remote host by luring a victim into visiting a rogue page containing a malicious Java applet.
SolutionUpgrade to Quicktime version 7.1.6 or later.