Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2018 Jeff AdamsQUICKTIME_HEAP_OVERFLOW.NASL
HistoryMay 05, 2004 - 12:00 a.m.

QuickTime < 6.5.1 .mov File sample-to-chunk Table Data Handling Overflow (Windows)

2004-05-0500:00:00
This script is Copyright (C) 2004-2018 Jeff Adams
www.tenable.com
27
JSON

The remote host is using QuickTime, a popular media player/Plug-in that handles many Media files.

This version has a Heap overflow that could allow an attacker to execute arbitrary code on this host, with the rights of the user running QuickTime.

#
# This script was written by Jeff Adams <[email protected]>
#
# See the Nessus Scripts License for details
#

# Changes by Tenable:
# - Revised plugin title, output formatting (9/23/09)
# - Title standardization (9/27/09)


include("compat.inc");

if(description)
{
 script_id(12226);
 script_version("1.22");
 script_cve_id("CVE-2004-0431");
 script_bugtraq_id(10257);
 
 script_name(english:"QuickTime < 6.5.1 .mov File sample-to-chunk Table Data Handling Overflow (Windows)");
 
 script_set_attribute(attribute:"synopsis", value:
"The remote Windows host has a media player installed that is affected
by a remote code execution vulnerability." );
 script_set_attribute(attribute:"description", value:
"The remote host is using QuickTime, a popular media player/Plug-in
that handles many Media files.

This version has a Heap overflow that could allow an attacker
to execute arbitrary code on this host, with the rights of the user
running QuickTime." );
 script_set_attribute(attribute:"see_also", value:"http://eeye.com/html/Research/Advisories/AD20040502.html" );
 script_set_attribute(attribute:"solution", value:
"Upgrade to QuickTime version 6.5.1 or higher." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
 script_set_attribute(attribute:"plugin_publication_date", value: "2004/05/05");
 script_set_attribute(attribute:"vuln_publication_date", value: "2004/05/02");
 script_cvs_date("Date: 2018/08/22 16:49:14");
 script_set_attribute(attribute:"patch_publication_date", value: "2004/05/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:quicktime");
script_end_attributes();
 script_summary(english:"Determines the version of QuickTime Player/Plug-in");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2004-2018 Jeff Adams");
 script_family(english:"Windows");
 script_dependencies("quicktime_installed.nasl");
 script_require_keys("SMB/QuickTime/Version");
 exit(0);
}


ver = get_kb_item("SMB/QuickTime/Version");
if (ver && ver =~ "^([0-5]\.|6\.[0-4]\.|6\.5$|6.5.0$)") security_warning(get_kb_item("SMB/transport"));
VendorProductVersionCPE
applequicktimecpe:/a:apple:quicktime

Related

cve 1
openvas 1
securityvulns 2
cvelist 1
checkpoint_advisories 1
cert 1
cve
cve
CVE-2004-0431
2004-07-07 04:00:00
openvas
openvas
Quicktime player/plug-in Heap overflow
2005-11-03 00:00:00
securityvulns
securityvulns
[EEYEB-20051117B] Apple iTunes &#40;QuickTime.qts&#41; Heap Overflow
2006-01-12 00:00:00
[Full-Disclosure] EEYE: Apple QuickTime &#40;QuickTime.qts&#41; Heap Overflow
2004-05-02 00:00:00
cvelist
cvelist
CVE-2004-0431
2004-05-06 04:00:00
checkpoint_advisories
checkpoint_advisories
Apple Quicktime Heap Overflow (CVE-2004-0431)
2010-04-07 00:00:00
cert
cert
Apple QuickTime contains an integer overflow in the "QuickTime.qts" extension
2004-05-03 00:00:00
JSON
Related for QUICKTIME_HEAP_OVERFLOW.NASL
cve1openvas1securityvulns2cvelist1checkpoint_advisories1cert1