QuickTime < 7.4.5 Multiple Vulnerabilities

2008-04-0300:00:00

Tenable

www.tenable.com

The version of QuickTime installed on the remote Windows host is older than 7.4.5. Such versions contain several vulnerabilities :

Untrusted Java applets may obtain elevated privileges (CVE-2008-1013).
Downloading a movie file may lead to information disclosure (CVE-2008-1014).
Viewing a specially-crafted movie file may lead to a program crash or arbitrary code execution (CVE-2008-1015, CVE-2008-1016, CVE-2008-1017, CVE-2008-1018, CVE-2008-1021, CVE-2008-1022).
Opening a specially-crafted PICT image file may lead to a program crash or arbitrary code execution (CVE-2008-1019, CVE-2008-1020, CVE-2008-1023).

Binary data 4458.prm

VendorProductVersionCPE
applequicktimecpe:/a:apple:quicktime

Vendor	Product	Version	CPE
apple	quicktime		cpe:/a:apple:quicktime

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1013

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1014

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1015

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1016

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1017

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1018

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1019

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1020

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1021

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1022

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1023

lists.apple.com/archives/security-announce/2008/Apr//msg00000.html

support.apple.com/kb/HT1241

Related for 4458.PRM