Summary
The host is installed with Apple QuickTime which is prone to Multiple Vulnerabilities.
Impact
Successful exploitation allow attackers to execute arbitrary code, cause memory corruption or unexpected application termination via specially crafted files, images and videos.
Impact Level : Application
Solution
Upgrade to Apple QuickTime version 7.6.2 or later, http://www.apple.com/quicktime/download/
Insight
The flaws are due to
- an unspecified error while handling malicious 1)FLC compression files, 2)compressed PSD images, 3)PICT images, 4)JP2 images.
- an error in the parsing of Sorenson Video 3 content.
- a boundary error in the processing of MS ADPCM encoded audio data.
- an error due to the usage of uninitialised memory when a movie with a user data atom size of zero is viewed.
- a sign extension error while the handling malicious image description atoms in an Apple video file.
Affected
Apple QuickTime version prior to 7.6.2 on Windows.
References
Severity
Classification
-
CVE CVE-2009-0185, CVE-2009-0188, CVE-2009-0951, CVE-2009-0952, CVE-2009-0953, CVE-2009-0954, CVE-2009-0955, CVE-2009-0956, CVE-2009-0957 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities