Summary
Apple QuickTime is installed on the host and is prone to multiple denial-of-service vulnerabilities.
Impact
Successful exploitation allows an attacker to cause an unexpected application termination or arbitrary code execution.
Impact Level: Application
Solution
Upgrade to Apple QuickTime version 7.6.6 or later: http://www.apple.com/quicktime/download/
Insight
Multiple flaws are due to:
- A heap buffer overflow in the handling of PICT images.
- A memory corruption issue in the handling of BMP images.
- An integer overflow in the handling of 'PICT' images.
- A memory corruption issue in the handling of color tables in movie files.
Affected
Apple QuickTime before 7.6.6 on Windows.
References
Severity
Classification
- CVE: CVE-2010-0527, CVE-2010-0528, CVE-2010-0529, CVE-2010-0536
- CVSS Base Score: 9.3
- CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Media Server Memory Corruption Remote Denial of Service Vulnerability
- Freeciv Multiple Remote Denial Of Service Vulnerabilities
- ClamAV Denial of Service Vulnerability (Win)
- ClamAV 'find_stream_bounds()' PDF File Processing Denial Of Service Vulnerability
- ActFax Server Multiple Remote Buffer Overflow Vulnerabilities