Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Quicktime Multiple Integer Overflows (deprecated)

High

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running an older version of Quicktime player for Microsoft Windows. This version is vulnerable to a remote overflow. A remote attacker exploiting this flaw would need to create a malicious Quicktime file and entice the user to play it. A successful exploit would allow the attacker to execute random code within the context of the local machine. Additionally, there is a similar flaw within the Quicktime library that displays JPEG files. An attacker exploiting this second flaw would need to be able to convince a user into viewing a malicious JPEG file within the Quicktime viewer. Successful exploitation would result in arbitrary code being executed on the victim system.

Solution

Upgrade or patch according to vendor recommendations.