Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.QUICKTIME_766.NASL
HistoryMar 31, 2010 - 12:00 a.m.

QuickTime < 7.6.6 Multiple Vulnerabilities (Windows)

2010-03-3100:00:00
This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
www.tenable.com
22
JSON

The version of QuickTime installed on the remote Windows host is older than 7.6.6. Such versions contain several vulnerabilities :

  • A heap-based buffer overflow in QuickTime’s handling of PICT images may lead to an application crash or arbitrary code execution. (CVE-2009-2837)

  • A memory corruption issue in QuickTime’s handling of QDM2 encoded audio content may lead to an application crash or arbitrary code execution. (CVE-2010-0059)

  • A memory corruption issue in QuickTime’s handling of QDMC encoded audio content may lead to an application crash or arbitrary code execution. (CVE-2010-0060)

  • A heap-based buffer overflow in QuickTime’s handling of H.263 encoded movie files may lead to an application crash or arbitrary code execution. (CVE-2010-0062)

  • A heap-based buffer overflow in QuickTime’s handling of H.261 encoded movie files may lead to an application crash or arbitrary code execution. (CVE-2010-0514)

  • A memory corruption issue in QuickTime’s handling of H.264 encoded movie files may lead to an application crash or arbitrary code execution. (CVE-2010-0515)

  • A heap-based buffer overflow in QuickTime’s handling of RLE encoded movie files may lead to an application crash or arbitrary code execution. (CVE-2010-0516)

  • A heap-based buffer overflow in QuickTime’s handling of M-JPEG encoded movie files may lead to an application crash or arbitrary code execution. (CVE-2010-0517)

  • A memory corruption issue in QuickTime’s handling of Sorenson encoded movie files may lead to an application crash or arbitrary code execution. (CVE-2010-0518)

  • An integer overflow in QuickTime’s handling of FlashPix encoded movie files may lead to an application crash or arbitrary code execution. (CVE-2010-0519)

  • A heap-based buffer overflow in QuickTime’s handling of FLC encoded movie files may lead to an application crash or arbitrary code execution. (CVE-2010-0520)

  • A heap-based buffer overflow in QuickTime’s handling of MPEG encoded movie files may lead to an application crash or arbitrary code execution. (CVE-2010-0526)

  • An integer overflow in QuickTime’s handling of PICT images may lead to an application crash or arbitrary code execution. (CVE-2010-0527)

  • A memory corruption issue in QuickTime’s handling of color tables in movie files may lead to an application crash or arbitrary code execution. (CVE-2010-0528)

  • A heap-based buffer overflow in QuickTime’s handling of PICT images may lead to an application crash or arbitrary code execution. (CVE-2010-0529)

  • A memory corruption issue in QuickTime’s handling of BMP images may lead to an application crash or arbitrary code execution. (CVE-2010-0536)

#
# (C) Tenable Network Security, Inc.
#


if (NASL_LEVEL < 3000) exit(0);


include("compat.inc");


if (description)
{
  script_id(45388);
  script_version("1.15");
  script_cvs_date("Date: 2018/07/26 13:32:43");

  script_cve_id(
    "CVE-2009-2837",
    "CVE-2010-0059",
    "CVE-2010-0060",
    "CVE-2010-0062",
    "CVE-2010-0514",
    "CVE-2010-0515",
    "CVE-2010-0516",
    "CVE-2010-0517",
    "CVE-2010-0518",
    "CVE-2010-0519",
    "CVE-2010-0520",
    "CVE-2010-0526",
    "CVE-2010-0527",
    "CVE-2010-0528",
    "CVE-2010-0529",
    "CVE-2010-0536"
  );
  script_bugtraq_id(
    39136,
    39139,
    39140,
    39141,
    39152,
    39154,
    39155,
    39159,
    39161,
    39163,
    39164,
    39165,
    39166,
    39167
  );

  script_name(english:"QuickTime < 7.6.6 Multiple Vulnerabilities (Windows)");
  script_summary(english:"Checks version of QuickTime on Windows");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote Windows host contains an application that is affected by
multiple vulnerabilities."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The version of QuickTime installed on the remote Windows host is older
than 7.6.6.  Such versions contain several vulnerabilities :

  - A heap-based buffer overflow in QuickTime's handling of
    PICT images may lead to an application crash or
    arbitrary code execution. (CVE-2009-2837)

  - A memory corruption issue in QuickTime's handling of
    QDM2 encoded audio content may lead to an application
    crash or arbitrary code execution. (CVE-2010-0059)

  - A memory corruption issue in QuickTime's handling of
    QDMC encoded audio content may lead to an application
    crash or arbitrary code execution. (CVE-2010-0060)

  - A heap-based buffer overflow in QuickTime's handling of
    H.263 encoded movie files may lead to an application
    crash or arbitrary code execution. (CVE-2010-0062)

  - A heap-based buffer overflow in QuickTime's handling of
    H.261 encoded movie files may lead to an application
    crash or arbitrary code execution. (CVE-2010-0514)

  - A memory corruption issue in QuickTime's handling of
    H.264 encoded movie files may lead to an application
    crash or arbitrary code execution. (CVE-2010-0515)

  - A heap-based buffer overflow in QuickTime's handling of
    RLE encoded movie files may lead to an application
    crash or arbitrary code execution. (CVE-2010-0516)

  - A heap-based buffer overflow in QuickTime's handling of
    M-JPEG encoded movie files may lead to an application
    crash or arbitrary code execution. (CVE-2010-0517)

  - A memory corruption issue in QuickTime's handling of
    Sorenson encoded movie files may lead to an application
    crash or arbitrary code execution. (CVE-2010-0518)

  - An integer overflow in QuickTime's handling of FlashPix
    encoded movie files may lead to an application crash or
    arbitrary code execution. (CVE-2010-0519)

  - A heap-based buffer overflow in QuickTime's handling of
    FLC encoded movie files may lead to an application crash
    or arbitrary code execution. (CVE-2010-0520)

  - A heap-based buffer overflow in QuickTime's handling of
    MPEG encoded movie files may lead to an application
    crash or arbitrary code execution. (CVE-2010-0526)

  - An integer overflow in QuickTime's handling of PICT
    images may lead to an application crash or arbitrary
    code execution. (CVE-2010-0527)

  - A memory corruption issue in QuickTime's handling of
    color tables in movie files may lead to an application
    crash or arbitrary code execution. (CVE-2010-0528)

  - A heap-based buffer overflow in QuickTime's handling of
    PICT images may lead to an application crash or
    arbitrary code execution. (CVE-2010-0529)

  - A memory corruption issue in QuickTime's handling of
    BMP images may lead to an application crash or arbitrary
    code execution. (CVE-2010-0536)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.apple.com/kb/HT4104"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://lists.apple.com/archives/security-announce/2010/Mar/msg00002.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.securityfocus.com/advisories/19386"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Upgrade to QuickTime 7.6.6 or later."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(119);
  script_set_attribute(attribute:"vuln_publication_date", value:"2010/03/30");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/03/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/31");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:quicktime");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");

  script_dependencies("quicktime_installed.nasl");
  script_require_keys("SMB/QuickTime/Version");

  exit(0);
}


include("global_settings.inc");


version_ui = get_kb_item("SMB/QuickTime/Version_UI");
version = get_kb_item("SMB/QuickTime/Version");
if (isnull(version)) exit(1, "The 'SMB/QuickTime/Version' KB item is missing.");

if (isnull(version_ui)) version_report = version;
else version_report = version_ui;

ver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(ver); i++)
  ver[i] = int(ver[i]);

if (
  ver[0] < 7 || 
  (
    ver[0] == 7 && 
    (
      ver[1] < 66 ||
      (ver[1] == 66 && ver[2] < 71)
    )
  )
)
{
  if (report_verbosity > 0)
  {
    report = '\n' +
      'QuickTime ' + version_report + ' is currently installed on the remote host.\n';
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(get_kb_item("SMB/transport"));
}
else exit(0, "The host is not affected since QuickTime "+version_report+" is installed.");
VendorProductVersionCPE
applequicktimecpe:/a:apple:quicktime

References

Related

nessus 6
securityvulns 16
openvas 6
cve 16
prion 16
seebug 4
zdi 13
exploitpack 2
packetstorm 2
checkpoint_advisories 1
exploitdb 2
threatpost 1
nessus
nessus
QuickTime < 7.6.6 Multiple Vulnerabilities
2009-03-31 00:00:00
QuickTime < 7.6.6 Multiple Vulnerabilities
2009-03-31 00:00:00
QuickTime < 7.6.6 Multiple Vulnerabilities (Mac OS X)
2010-03-31 00:00:00
securityvulns
securityvulns
Apple QuickTime/iTunes multiple security vulnerabilities
2010-04-12 00:00:00
ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability
2010-04-05 00:00:00
ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability
2010-04-05 00:00:00
openvas
openvas
Apple QuickTime Multiple Denial Of Service Vulnerabilities (Windows)
2010-04-06 00:00:00
Apple QuickTime Multiple Denial Of Service Vulnerabilities - Windows
2010-04-06 00:00:00
Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
2010-05-12 00:00:00
cve
cve
CVE-2010-0514
2010-03-30 18:30:00
CVE-2010-0526
2010-03-30 18:30:00
CVE-2010-0515
2010-03-30 18:30:00
prion
prion
Heap overflow
2010-03-30 18:30:00
Heap overflow
2010-03-30 18:30:00
Integer overflow
2010-03-31 18:30:00
seebug
seebug
Apple QuickTime Pict BkPixPat Remote Code Execution
2010-04-07 00:00:00
Apple QuickTime FLI LinePacket - Remote Code Execution Vulnerability
2014-07-01 00:00:00
Apple QuickTime FlashPix NumberOfTiles - Remote Code Execution Vulnerability
2014-07-01 00:00:00
zdi
zdi
Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability
2010-04-06 00:00:00
Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability
2010-04-02 00:00:00
Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability
2010-04-02 00:00:00
exploitpack
exploitpack
Apple QuickTime FLI LinePacket - Remote Code Execution
2010-09-18 00:00:00
Apple QuickTime FlashPix NumberOfTiles - Remote Code Execution
2010-09-02 00:00:00
packetstorm
packetstorm
Month Of Abysssec Undisclosed Bugs - Apple QuickTime FLI
2010-09-18 00:00:00
Month Of Abysssec Undisclosed Bugs - Apple QuickTime FlashPix
2010-09-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple QuickTime FlashPix Movie File Integer Overflow (CVE-2010-0519)
2010-05-03 00:00:00
exploitdb
exploitdb
Apple QuickTime FLI LinePacket - Remote Code Execution
2010-09-18 00:00:00
Apple QuickTime FlashPix NumberOfTiles - Remote Code Execution
2010-09-02 00:00:00
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44
JSON
Related for QUICKTIME_766.NASL
nessus6securityvulns16openvas6cve16prion16seebug4zdi13exploitpack2packetstorm2checkpoint_advisories1exploitdb2threatpost1