Apple QuickTime多个远程安全漏洞

BUGTRAQ ID: 28583 CVECAN ID: CVE-2008-1013,CVE-2008-1014,CVE-2008-1015,CVE-2008-1016,CVE-2008-1017,CVE-2008-1018,CVE-2008-1019,CVE-2008-1020,CVE-2008-1021,CVE-2008-1022,CVE-2008-1023 Apple QuickTime是一款非常流行的多媒体播放器。 QuickTime的7.4.5之前版本存在多个安全漏洞，允许用户通过畸形的媒体文件获得敏感信息或完全入侵用户系统。 CVE-2008-1013...

CVE-2008-1014

Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information...

CVE-2008-1014

Apple QuickTime before 7.4.5 is affected by CVE-2008-1014 where specially crafted movies can trigger handling of external URLs, allowing remote attackers to obtain sensitive information. The vulnerability is tied to QuickTime’s processing of external URLs in movies, leading to information disclos...

QuickTime < 7.4.5 Multiple Vulnerabilities (Mac OS X)

The version of QuickTime installed on the remote Mac OS X host is older than 7.4.5. Such versions contain several vulnerabilities : - Untrusted Java applets may obtain elevated privileges CVE-2008-1013. - Downloading a movie file may lead to information disclosure CVE-2008-1014. - Viewing a...