Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Apple QuickTime Multiple Arbitrary Code Execution Vulnerabilities (Windows)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The host is installed with Apple QuickTime which is prone to Multiple Arbitrary Code Execution Vulnerabilities.
Insight
Insight
The flaws are due to, - boundary error when parsing packed scanlines from a PixData structure in a PICT file which can be exploited via specially crafted PICT file. - memory corruption issue in AAC-encoded media content can be exploited via a specially crafted media file. - error in the handling of PICT files or Indeo video codec content that can be exploited via a specially crafted PICT file or movie file with Indeo video codec content respectively. - error in the handling of file URLs that can be exploited by making user to play maliciously crafted QuickTime content.
Affected Software
Affected Software
Apple QuickTime before 7.5 on Windows (Any).
Solution
Solution
Upgrade to Apple QuickTime version 7.5 or later.