The host is running Apple QuickTime and is prone to multiple buffer overflow vulnerabilities.
Successful exploitation could allow attackers to execute arbitrary code in the context of the currently logged-in user. Viewing a maliciously crafted movie file may lead to an unexpected application termination. Impact Level: System/Application
Upgrade to Apple QuickTime version 7.7 or later For updates refer to http://www.apple.com/quicktime/download/
The flaws are due to - a buffer overflow error, when handling pict files. - heap buffer overflow error, when handling 'GIF' images and 'STSC', 'STSS', 'STSZ' and 'STTS' atoms in QuickTime movie files. - multiple stack buffer overflows existed in the handling of 'H.264' encoded movie files. - stack buffer overflow existed in the QuickTime ActiveX control's handling of 'QTL' files. - an integer overflow existed in the handling of track run atoms in QuickTime movie files. - improper bounds checking when handling 'mp4v' codec information.
Apple QuickTime version prior to 7.7
Updated on 2017-03-28
CVE CVE-2011-0245, CVE-2011-0246, CVE-2011-0247, CVE-2011-0248, CVE-2011-0249, CVE-2011-0250, CVE-2011-0251, CVE-2011-0252, CVE-2011-0256, CVE-2011-0257, CVE-2011-0258
CVSS Base Score: 9.3
- Attachmate Reflection FTP Client LIST Command Remote Heap Buffer Overflow Vulnerability
- Adobe Flash Professional JPG Object Processing BOF Vulnerability (Windows)
- Adobe Shockwave Player 3D Model Buffer Overflow Vulnerabilities
- Adobe Reader Buffer Overflow Vulnerability Sep09 (Win)
- Adobe Reader/Acrobat Multiple BOF Vulnerabilities - Jun09 (Win)