6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
0.023 Low
EPSS
Percentile
89.8%
The version of Apple QuickTime installed on the remote Windows host is prior to 7.7.9. It is, therefore, affected by multiple remote code execution vulnerabilities due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these, via a crafted movie file, to execute arbitrary code or cause a denial of service through memory corruption.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(87848);
script_version("1.9");
script_cvs_date("Date: 2019/11/22");
script_cve_id(
"CVE-2015-7085",
"CVE-2015-7086",
"CVE-2015-7087",
"CVE-2015-7088",
"CVE-2015-7089",
"CVE-2015-7090",
"CVE-2015-7091",
"CVE-2015-7092",
"CVE-2015-7117"
);
script_xref(name:"APPLE-SA", value:"APPLE-SA-2016-01-07-1");
script_name(english:"Apple QuickTime < 7.7.9 Multiple RCE (Windows)");
script_summary(english:"Checks the version of QuickTime on Windows.");
script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains an application that is affected by
multiple remote code execution vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Apple QuickTime installed on the remote Windows host is
prior to 7.7.9. It is, therefore, affected by multiple remote code
execution vulnerabilities due to improper validation of user-supplied
input. An unauthenticated, remote attacker can exploit these, via a
crafted movie file, to execute arbitrary code or cause a denial of
service through memory corruption.");
script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205638");
script_set_attribute(attribute:"solution", value:
"Upgrade to Apple QuickTime version 7.7.9 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-7117");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/01/07");
script_set_attribute(attribute:"patch_publication_date", value:"2016/01/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/11");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:quicktime");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("quicktime_installed.nasl");
script_require_keys("SMB/QuickTime/Version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
kb_base = "SMB/QuickTime/";
version = get_kb_item_or_exit(kb_base+"Version");
path = get_kb_item_or_exit(kb_base+"Path");
version_ui = get_kb_item(kb_base+"Version_UI");
if (isnull(version_ui)) version_report = version;
else version_report = version_ui;
fixed_version = "7.79.80.95";
fixed_version_ui = "7.7.9 (1680.95.84)";
if (ver_compare(ver:version, fix:fixed_version) == -1)
{
port = get_kb_item("SMB/transport");
if (!port) port = 445;
if (report_verbosity > 0)
{
report =
'\n Path : ' + path +
'\n Installed version : ' + version_report +
'\n Fixed version : ' + fixed_version_ui +
'\n';
security_warning(port:port, extra:report);
}
else security_warning(port);
exit(0);
}
audit(AUDIT_INST_PATH_NOT_VULN, 'QuickTime Player', version_report, path);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7085
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7086
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7087
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7088
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7089
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7090
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7091
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7092
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7117
support.apple.com/en-us/HT205638
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
0.023 Low
EPSS
Percentile
89.8%