Quicktime < 7.1.6 quicktime.util.QTHandleRef toQTPointer Method Arbitrary Code Execution (Mac OS X)

high Nessus Plugin ID 25122

Synopsis

The remote Mac OS X host contains an application that is prone to multiple attacks.

Description

According to its version, the installation of Quicktime on the remote Mac OS X host which contains a bug which might allow a rogue Java program to write anywhere in the heap.

An attacker may be able to leverage these issues to execute arbitrary code on the remote host by luring a victim into visiting a rogue page containing a malicious Java applet.

Solution

Upgrade to Quicktime version 7.1.6 or later.

See Also

http://www.nessus.org/u?8c7ccf6b

Plugin Details

Severity: High

ID: 25122

File Name: macosx_Quicktime716.nasl

Version: 1.12

Type: local

Agent: macosx

Published: 5/2/2007

Updated: 7/14/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:apple:quicktime

Required KB Items: MacOSX/QuickTime/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/1/2007

Vulnerability Publication Date: 4/24/2007

Exploitable With

Core Impact

Metasploit (Apple QTJava toQTPointer() Arbitrary Memory Access)

Reference Information

CVE: CVE-2007-2175

BID: 23608