The host is installed with Apple QuickTime and is prone to multiple vulnerabilities.
Successful exploitation could allow attackers to execute arbitrary code in the context of an affected application, and can cause Denial of Service. Impact Level: Application
Upgrade to Apple QuickTime version 7.6.4 or later, http://www.apple.com/quicktime/download/
- A memory corruption issue exists when handling 'H.264' movie files. - An error in the parsing of 'MPEG-4' video files which causes buffer overflow. - An integer overflow error when processing the 'SectorShift' and 'cSectFat' fields of a FlashPix file header. This can be exploited to cause a heap-based buffer overflow via a specially crafted FlashPix '.fpx' file. - A boundary error exists when processing samples from a 'H.264' encoded MOV file. This can be exploited to cause a heap-based buffer overflow via a specially crafted 'MOV' file.
Apple QuickTime before 7.6.4 on Windows.
CVE CVE-2009-2202, CVE-2009-2203, CVE-2009-2798, CVE-2009-2799
CVSS Base Score: 9.3
- Adobe Air Buffer Overflow Vulnerability (Mac OS X)
- Adobe Flash Professional JPG Object Processing BOF Vulnerability (Mac OS X)
- ALZip MIM File Processing Buffer Overflow Vulnerability
- Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Mac OS X)
- ClamAV 'find_stream_bounds()' function Buffer Overflow Vulnerability