The host is installed with Apple QuickTime and is prone to multiple denial of service vulnerabilities.
Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service via crafted files. Impact Level: System/Application
Upgrade to QuickTime Player version 7.7.1 or later, For updates refer to http://www.apple.com/quicktime/download/
The flaws are due to - A integer overflow while handling the PICT files and JPEG2000 encoded movie files. - A signedness issue existed in the handling of font tables embedded in QuickTime movie files. - A buffer overflow issue while handling FLIC files, FlashPix files and FLC and RLE encoded movie files. - A memory corruption issue, while handling of TKHD atoms in QuickTime movie files.
QuickTime Player version prior to 7.7.1
CVE CVE-2011-3218, CVE-2011-3219, CVE-2011-3220, CVE-2011-3221, CVE-2011-3222, CVE-2011-3223, CVE-2011-3228, CVE-2011-3247, CVE-2011-3248, CVE-2011-3249, CVE-2011-3250, CVE-2011-3251, CVE-2011-3428
CVSS Base Score: 9.3
- Asterisk SIP Channel Driver Denial Of Service Vulnerability (Linux)
- Active Perl Denial of Service Vulnerability (Windows)
- Easy RM to MP3 Converter Buffer Overflow Vulnerability
- Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Mac OS X)