Apple QuickTime stsd Atom Parsing Remote Code Execution Vulnerability
2013-06-11T00:00:00
ID ZDI-13-116 Type zdi Reporter Mil3s beep Modified 2013-11-09T00:00:00
Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of the stsd atom. A malformed stsd atom can be used to cause heap corruption. An attacker can leverage this vulnerability to execute code under the context of the current process.
{"hash": "5c36f5799da7038b67969637b2fb202bd2578cc751118af7606314ea731359ec", "edition": 2, "title": "Apple QuickTime stsd Atom Parsing Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of the stsd atom. A malformed stsd atom can be used to cause heap corruption. An attacker can leverage this vulnerability to execute code under the context of the current process.", "viewCount": 1, "objectVersion": "1.2", "hashmap": [{"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "f6a3d8823a905357ca06c65a89648798", "key": "cvelist"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "9327a64fec47b73abf60b44446d1ff58", "key": "description"}, {"hash": "1f77e72bfa94faf463a44a3e6e21f229", "key": "href"}, {"hash": "b7fd0bad9a3db89554b13b658b53fddb", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "c5c974c1c6d58380923d9db6f4a0e987", "key": "published"}, {"hash": "998c3dbdcd3412c97d84c0dc2d92fab2", "key": "references"}, {"hash": "f2e5cf5f53afa51fbc2ba94c93a137c5", "key": "reporter"}, {"hash": "8a518ea55820fa171d1a120ca40f3ded", "key": "title"}, {"hash": "3dd086b59554fe33c1b8f051475b4b31", "key": "type"}], "cvelist": ["CVE-2013-1021"], "bulletinFamily": "info", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.zerodayinitiative.com/advisories/ZDI-13-116", "history": [{"bulletin": {"hash": "9ea6b16442edc482c7be5e3821db4b3a59cba2d0c8cba5b9fad96de9529e5368", "id": "ZDI-13-116", "title": "Apple QuickTime stsd Atom Parsing Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of the stsd atom. A malformed stsd atom can be used to cause heap corruption. An attacker can leverage this vulnerability to execute code under the context of the current process.", "viewCount": 0, "objectVersion": "1.2", "hashmap": [{"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "f6a3d8823a905357ca06c65a89648798", "key": "cvelist"}, {"hash": "3dd086b59554fe33c1b8f051475b4b31", "key": "type"}, {"hash": "de25676891f23b04ab869e6e7840e9a3", "key": "modified"}, {"hash": "998c3dbdcd3412c97d84c0dc2d92fab2", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "1f77e72bfa94faf463a44a3e6e21f229", "key": "href"}, {"hash": "8a518ea55820fa171d1a120ca40f3ded", "key": "title"}, {"hash": "c5c974c1c6d58380923d9db6f4a0e987", "key": "published"}, {"hash": "9327a64fec47b73abf60b44446d1ff58", "key": "description"}, {"hash": "f2e5cf5f53afa51fbc2ba94c93a137c5", "key": "reporter"}], "cvelist": ["CVE-2013-1021"], "bulletinFamily": "info", "published": "2013-06-11T00:00:00", "references": ["http://support.apple.com/kb/HT1222"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "edition": 1, "reporter": "Mil3s beep", "lastseen": "2016-09-04T11:34:08", "history": [], "modified": "2013-09-04T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-13-116", "type": "zdi"}, "lastseen": "2016-09-04T11:34:08", "edition": 1, "differentElements": ["modified"]}], "id": "ZDI-13-116", "reporter": "Mil3s beep", "published": "2013-06-11T00:00:00", "references": ["http://support.apple.com/kb/HT1222"], "lastseen": "2016-11-09T00:17:59", "modified": "2013-11-09T00:00:00", "enchantments": {"score": {"value": 9.3, "vector": "NONE"}, "vulnersScore": 9.3}, "type": "zdi"}
{"result": {"cve": [{"lastseen": "2017-09-19T13:38:38", "references": ["http://lists.apple.com/archives/security-announce/2013/May/msg00001.html", "http://support.apple.com/kb/HT5770"], "edition": 2, "description": "Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG data in a movie file.", "reporter": "NVD", "published": "2013-05-24T12:43:58", "title": "CVE-2013-1021", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:16728", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16728"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-1021"], "scanner": [], "cpe": ["cpe:/a:apple:quicktime:7.2.0", "cpe:/a:apple:quicktime:6.5.2", "cpe:/a:apple:quicktime:7.0.4", "cpe:/a:apple:quicktime:7.1.5", "cpe:/a:apple:quicktime:7.7.1", "cpe:/a:apple:quicktime:6.0.1", "cpe:/a:apple:quicktime:5.0.2", "cpe:/a:apple:quicktime:7.6.2", "cpe:/a:apple:quicktime:5.0", "cpe:/a:apple:quicktime:4.1.2", "cpe:/a:apple:quicktime:7.4.5", "cpe:/a:apple:quicktime:7.1.6", "cpe:/a:apple:quicktime:7.6.8", "cpe:/a:apple:quicktime:6.2.0", "cpe:/a:apple:quicktime:7.6.5", "cpe:/a:apple:quicktime:7.3.0", "cpe:/a:apple:quicktime:7.7.2", "cpe:/a:apple:quicktime:7.7.0", "cpe:/a:apple:quicktime:6.3.0", "cpe:/a:apple:quicktime:6.0", "cpe:/a:apple:quicktime:7.1.3", "cpe:/a:apple:quicktime:7.6.1", "cpe:/a:apple:quicktime:7.6.7", "cpe:/a:apple:quicktime:7.1.1", "cpe:/a:apple:quicktime:6.4.0", "cpe:/a:apple:quicktime:7.4.1", "cpe:/a:apple:quicktime:7.0.1", "cpe:/a:apple:quicktime:7.5.0", "cpe:/a:apple:quicktime:7.3.1", "cpe:/a:apple:quicktime:7.0.2", "cpe:/a:apple:quicktime:7.1.2", "cpe:/a:apple:quicktime:7.6.0", "cpe:/a:apple:quicktime:7.0.0", "cpe:/a:apple:quicktime:7.0.3", "cpe:/a:apple:quicktime:6.1.1", "cpe:/a:apple:quicktime:7.6.6", "cpe:/a:apple:quicktime:6.1", "cpe:/a:apple:quicktime:6.0.0", "cpe:/a:apple:quicktime:6.5.0", "cpe:/a:apple:quicktime:7.2.1", "cpe:/a:apple:quicktime:3.0", "cpe:/a:apple:quicktime:7.1.4", "cpe:/a:apple:quicktime:7.6.9", "cpe:/a:apple:quicktime:7.1.0", "cpe:/a:apple:quicktime:6.5", "cpe:/a:apple:quicktime:7.5.5", "cpe:/a:apple:quicktime:7.7.3", "cpe:/a:apple:quicktime:6.1.0", "cpe:/a:apple:quicktime:7.4.0", "cpe:/a:apple:quicktime:6.0.2", "cpe:/a:apple:quicktime:5.0.1", "cpe:/a:apple:quicktime:6.5.1"], "modified": "2017-09-18T21:35:58", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1021", "id": "CVE-2013-1021", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-07-30T14:02:43", "references": ["http://www.zerodayinitiative.com/advisories/ZDI-13-119/", "http://www.zerodayinitiative.com/advisories/ZDI-13-118/", "http://lists.apple.com/archives/security-announce/2013/May/msg00001.html", "http://support.apple.com/kb/HT5770", "http://www.zerodayinitiative.com/advisories/ZDI-13-117/", "http://www.zerodayinitiative.com/advisories/ZDI-13-116/", "http://www.zerodayinitiative.com/advisories/ZDI-13-114/", "http://www.zerodayinitiative.com/advisories/ZDI-13-080/", "http://www.zerodayinitiative.com/advisories/ZDI-13-113/", "http://www.zerodayinitiative.com/advisories/ZDI-13-115/", "http://www.zerodayinitiative.com/advisories/ZDI-13-112/", "http://www.zerodayinitiative.com/advisories/ZDI-13-111/", "http://www.securityfocus.com/archive/1/526669/30/0/threaded", "http://www.zerodayinitiative.com/advisories/ZDI-13-110/", "http://www.zerodayinitiative.com/advisories/ZDI-13-110/"], "pluginID": "66636", "description": "The version of QuickTime installed on the remote Windows host is older than 7.7.4. It is, therefore, reportedly affected by the following vulnerabilities :\n\n - Buffer overflow vulnerabilities exist in the handling of 'dref' atoms, 'enof' atoms, 'mvhd' atoms, FPX files, MP3 files, H.263 and H.264 encoded movie files, Sorenson encoded movie files, and JPEG encoded data.\n (CVE-2013-0986, CVE-2013-0988, CVE-2013-0989, CVE-2013-1016, CVE-2013-1017, CVE-2013-1018, CVE-2013-1019, CVE-2013-1021, CVE-2013-1022)\n\n - Memory corruption vulnerabilities exist in the handling of QTIF files, TeXML files, and JPEG encoded data.\n (CVE-2013-0987, CVE-2013-1015, CVE-2013-1020)\n\nSuccessful exploitation of these issues could result in program termination or arbitrary code execution, subject to the user's privileges.", "edition": 3, "reporter": "Tenable", "published": "2013-05-28T00:00:00", "title": "QuickTime < 7.7.4 Multiple Vulnerabilities (Windows)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0989", "CVE-2013-1019", "CVE-2013-0986", "CVE-2013-1016", "CVE-2013-1021", "CVE-2013-1018", "CVE-2013-1022", "CVE-2013-0987", "CVE-2013-1015", "CVE-2013-1017", "CVE-2013-0988", "CVE-2013-1020"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/a:apple:quicktime"], "id": "QUICKTIME_774.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=66636", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(66636);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/25 18:58:06\");\n\n script_cve_id(\n \"CVE-2013-0986\",\n \"CVE-2013-0987\",\n \"CVE-2013-0988\",\n \"CVE-2013-0989\",\n \"CVE-2013-1015\",\n \"CVE-2013-1016\",\n \"CVE-2013-1017\",\n \"CVE-2013-1018\",\n \"CVE-2013-1019\",\n \"CVE-2013-1020\",\n \"CVE-2013-1021\",\n \"CVE-2013-1022\"\n );\n script_bugtraq_id(\n 60092,\n 60097,\n 60098,\n 60099,\n 60100,\n 60101,\n 60102,\n 60103,\n 60104,\n 60108,\n 60109,\n 60110\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2013-05-22-1\");\n\n script_name(english:\"QuickTime < 7.7.4 Multiple Vulnerabilities (Windows)\");\n script_summary(english:\"Checks version of QuickTime on Windows\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Windows host contains an application that may be affected\nby multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of QuickTime installed on the remote Windows host is older\nthan 7.7.4. It is, therefore, reportedly affected by the following\nvulnerabilities :\n\n - Buffer overflow vulnerabilities exist in the handling of\n 'dref' atoms, 'enof' atoms, 'mvhd' atoms, FPX files, MP3\n files, H.263 and H.264 encoded movie files, Sorenson\n encoded movie files, and JPEG encoded data.\n (CVE-2013-0986, CVE-2013-0988, CVE-2013-0989,\n CVE-2013-1016, CVE-2013-1017, CVE-2013-1018,\n CVE-2013-1019, CVE-2013-1021, CVE-2013-1022)\n\n - Memory corruption vulnerabilities exist in the handling\n of QTIF files, TeXML files, and JPEG encoded data.\n (CVE-2013-0987, CVE-2013-1015, CVE-2013-1020)\n\nSuccessful exploitation of these issues could result in program\ntermination or arbitrary code execution, subject to the user's\nprivileges.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-110/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-111/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-112/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-113/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-114/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-115/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-116/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-117/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-118/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-119/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5770\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/May/msg00001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/526669/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-080/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-110/\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to QuickTime 7.7.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apple Quicktime 7 Invalid Atom Length Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:quicktime\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"quicktime_installed.nasl\");\n script_require_keys(\"SMB/QuickTime/Version\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nkb_base = \"SMB/QuickTime/\";\n\nversion = get_kb_item_or_exit(kb_base+\"Version\");\npath = get_kb_item_or_exit(kb_base+\"Path\");\n\nversion_ui = get_kb_item(kb_base+\"Version_UI\");\nif (isnull(version_ui)) version_report = version;\nelse version_report = version_ui;\n\nfixed_version = \"7.74.80.86\";\nfixed_version_ui = \"7.7.4 (1680.86)\";\n\nif (ver_compare(ver:version, fix:fixed_version) == -1)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : '+path+\n '\\n Installed version : '+version_report+\n '\\n Fixed version : '+fixed_version_ui+'\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\naudit(AUDIT_INST_PATH_NOT_VULN, 'QuickTime Player', version_report, path);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2018-07-06T07:32:47", "references": [], "description": "### *CVSS*:\n9.3\n\n### *Detect date*:\n05/22/2013\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Apple QuickTime. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service.\n\n### *Affected products*:\nApple QuickTime versions 7.7.3 and earlier\n\n### *Solution*:\nUpdate to latest version \n[QuickTime](<http://www.apple.com/quicktime/download/>)\n\n### *Original advisories*:\n[Apple entry](<http://support.apple.com/kb/HT5770>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple QuickTime](<https://threats.kaspersky.com/en/product/Apple-QuickTime/>)\n\n### *CVE-IDS*:\n[CVE-2013-1020](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1020>) \n[CVE-2013-1022](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1022>) \n[CVE-2013-1021](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1021>) \n[CVE-2013-0986](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0986>) \n[CVE-2013-0987](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0987>) \n[CVE-2013-0989](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0989>) \n[CVE-2013-1018](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1018>) \n[CVE-2013-1019](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1019>) \n[CVE-2013-0988](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0988>) \n[CVE-2013-1016](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1016>) \n[CVE-2013-1017](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1017>) \n[CVE-2013-1015](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1015>)", "edition": 7, "reporter": "Kaspersky Lab", "published": "2013-05-22T00:00:00", "title": "\r KLA10017Multiple vulnerabilities in Apple QuickTime ", "type": "kaspersky", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2013-0989", "CVE-2013-1019", "CVE-2013-0986", "CVE-2013-1016", "CVE-2013-1021", "CVE-2013-1018", "CVE-2013-1022", "CVE-2013-0987", "CVE-2013-1015", "CVE-2013-1017", "CVE-2013-0988", "CVE-2013-1020"], "modified": "2018-07-05T00:00:00", "id": "KLA10017", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10017", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-02T21:11:20", "references": ["http://lists.apple.com/archives/security-announce/2013/May/msg00001.html", "http://support.apple.com/kb/HT5770", "http://secunia.com/advisories/53520"], "pluginID": "803809", "description": "This host is installed with QuickTime Player and is prone\n to multiple vulnerabilities.", "edition": 1, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-06-07T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "title": "Apple QuickTime Multiple Vulnerabilities - June13 (Windows)", "type": "openvas", "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0989", "CVE-2013-1019", "CVE-2013-0986", "CVE-2013-1016", "CVE-2013-1021", "CVE-2013-1018", "CVE-2013-1022", "CVE-2013-0987", "CVE-2013-1015", "CVE-2013-1017", "CVE-2013-0988", "CVE-2013-1020"], "modified": "2017-05-05T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803809", "id": "OPENVAS:803809", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_quicktime_mult_vuln_jun13_win.nasl 6074 2017-05-05 09:03:14Z teissa $\n#\n# Apple QuickTime Multiple Vulnerabilities - June13 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code,\n memory corruption or buffer overflow.\n Impact Level: System/Application\";\n\ntag_affected = \"QuickTime Player version prior to 7.7.4 on Windows\";\ntag_insight = \"Multiple flaws due to,\n Boundary error when handling\n - FPX files\n - 'enof' and 'mvhd' atoms\n - H.263 and H.264 encoded movie files\n - A certain value in a dref atom within a MOV file\n - A channel_mode value of MP3 files within the CoreAudioToolbox component\n Unspecified error when handling TeXML files, JPEG encoded data, QTIF files\";\ntag_solution = \"Upgrade to version 7.7.4 or later,\n For updates refer to http://support.apple.com/downloads\";\ntag_summary = \"This host is installed with QuickTime Player and is prone\n to multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(803809);\n script_version(\"$Revision: 6074 $\");\n script_cve_id(\"CVE-2013-1022\", \"CVE-2013-1021\", \"CVE-2013-1020\", \"CVE-2013-1019\",\n \"CVE-2013-1018\", \"CVE-2013-1017\", \"CVE-2013-1016\", \"CVE-2013-1015\",\n \"CVE-2013-0989\", \"CVE-2013-0988\", \"CVE-2013-0987\", \"CVE-2013-0986\");\n script_bugtraq_id(60104, 60103, 60108, 60102, 60098, 60097,\n 60092, 60110, 60101, 60100, 60109, 60099);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-05 11:03:14 +0200 (Fri, 05 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-07 18:15:48 +0530 (Fri, 07 Jun 2013)\");\n script_name(\"Apple QuickTime Multiple Vulnerabilities - June13 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5770\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/53520\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2013/May/msg00001.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_quicktime_detection_win_900124.nasl\");\n script_mandatory_keys(\"QuickTime/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nquickVer = \"\";\n\n## Get the version from KB\nquickVer = get_kb_item(\"QuickTime/Win/Ver\");\nif(!quickVer){\n exit(0);\n}\n\n## Check for QuickTime Player Version less than 7.7.4\nif(version_is_less(version:quickVer, test_version:\"7.7.4\"))\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:23:23", "references": ["http://lists.apple.com/archives/security-announce/2013/May/msg00001.html", "http://support.apple.com/kb/HT5770", "http://secunia.com/advisories/53520"], "pluginID": "1361412562310803809", "description": "This host is installed with QuickTime Player and is prone\n to multiple vulnerabilities.", "edition": 1, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-06-07T00:00:00", "type": "openvas", "title": "Apple QuickTime Multiple Vulnerabilities - June13 (Windows)", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0989", "CVE-2013-1019", "CVE-2013-0986", "CVE-2013-1016", "CVE-2013-1021", "CVE-2013-1018", "CVE-2013-1022", "CVE-2013-0987", "CVE-2013-1015", "CVE-2013-1017", "CVE-2013-0988", "CVE-2013-1020"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803809", "id": "OPENVAS:1361412562310803809", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_quicktime_mult_vuln_jun13_win.nasl 9353 2018-04-06 07:14:20Z cfischer $\n#\n# Apple QuickTime Multiple Vulnerabilities - June13 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code,\n memory corruption or buffer overflow.\n Impact Level: System/Application\";\n\ntag_affected = \"QuickTime Player version prior to 7.7.4 on Windows\";\ntag_insight = \"Multiple flaws due to,\n Boundary error when handling\n - FPX files\n - 'enof' and 'mvhd' atoms\n - H.263 and H.264 encoded movie files\n - A certain value in a dref atom within a MOV file\n - A channel_mode value of MP3 files within the CoreAudioToolbox component\n Unspecified error when handling TeXML files, JPEG encoded data, QTIF files\";\ntag_solution = \"Upgrade to version 7.7.4 or later,\n For updates refer to http://support.apple.com/downloads\";\ntag_summary = \"This host is installed with QuickTime Player and is prone\n to multiple vulnerabilities.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803809\");\n script_version(\"$Revision: 9353 $\");\n script_cve_id(\"CVE-2013-1022\", \"CVE-2013-1021\", \"CVE-2013-1020\", \"CVE-2013-1019\",\n \"CVE-2013-1018\", \"CVE-2013-1017\", \"CVE-2013-1016\", \"CVE-2013-1015\",\n \"CVE-2013-0989\", \"CVE-2013-0988\", \"CVE-2013-0987\", \"CVE-2013-0986\");\n script_bugtraq_id(60104, 60103, 60108, 60102, 60098, 60097,\n 60092, 60110, 60101, 60100, 60109, 60099);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-07 18:15:48 +0530 (Fri, 07 Jun 2013)\");\n script_name(\"Apple QuickTime Multiple Vulnerabilities - June13 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5770\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/53520\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2013/May/msg00001.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_quicktime_detection_win_900124.nasl\");\n script_mandatory_keys(\"QuickTime/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nquickVer = \"\";\n\n## Get the version from KB\nquickVer = get_kb_item(\"QuickTime/Win/Ver\");\nif(!quickVer){\n exit(0);\n}\n\n## Check for QuickTime Player Version less than 7.7.4\nif(version_is_less(version:quickVer, test_version:\"7.7.4\"))\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}}
