Detections
Analytics

QuickTime < 7.1.6 Multiple Vulnerabilities

medium Nessus Network Monitor Plugin ID 3975

Synopsis

The remote host is vulnerable to multiple buffer overflows.

Description

According to its version, the installation of QuickTime on the remote Windows host is affected by a flaw in the way that it handles malformed Java byte code. An attacker exploiting this flaw would need to be able to convince a user to browse to a malicious site. Further, the browser must be Java-enabled and have a vulnerable version of QuickTime installed. Successful exploitation would result in the attacker executing arbitrary code on the client system. In addition, this version of QuickTime is vulnerable to an integer overflow and a heap overflow. An attacker exploiting either of these flaws will be able to execute code on the remote machine.

Solution

Upgrade to version 7.1.6 or higher.

See Also

http://www.matasano.com/log/812/breaking-macbook-vuln-in-quicktime-affects-win32-apple-code

Plugin Details

Severity: Medium

ID: 3975

Family: Web Clients

Published: 4/24/2007

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apple:quicktime

Exploitable With

Metasploit (Apple QTJava toQTPointer() Arbitrary Memory Access)

Reference Information

CVE: CVE-2007-2295, CVE-2007-2296

BID: 23652, 23650, 23608