The host is installed with Apple QuickTime and is prone to multiple vulnerabilities.
Successful exploitation could allow attackers to execute arbitrary code in the context of an affected application, and can cause Denial of Service. Impact Level: Application
Upgrade to Apple QuickTime version 7.6.4 or later, http://www.apple.com/quicktime/download/
- A memory corruption issue exists when handling 'H.264' movie files. - An error in the parsing of 'MPEG-4' video files which causes buffer overflow. - An integer overflow error when processing the 'SectorShift' and 'cSectFat' fields of a FlashPix file header. This can be exploited to cause a heap-based buffer overflow via a specially crafted FlashPix '.fpx' file. - A boundary error exists when processing samples from a 'H.264' encoded MOV file. This can be exploited to cause a heap-based buffer overflow via a specially crafted 'MOV' file.
Apple QuickTime before 7.6.4 on Windows.
CVE CVE-2009-2202, CVE-2009-2203, CVE-2009-2798, CVE-2009-2799
CVSS Base Score: 9.3
- Adobe Photoshop Multiple Buffer Overflow Vulnerabilities
- Adobe Shockwave Player 3D Model Buffer Overflow Vulnerabilities
- Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)
- Adobe Reader Multimeda Doc.media.newPlayer Code Execution Vulnerability (Linux)
- CuteFTP Heap Based Buffer Overflow Vulnerability