Summary
Apple QuickTime is installed on this host and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service.
Impact Level: System/Application
Solution
Upgrade to QuickTime Player version 7.7.2 or later. For updates, refer to http://support.apple.com/downloads/
Insight
The flaws are due to:
- Errors within the handling of TeXML files.
- An error when handling text tracks, MPEG files and sean atoms.
- An error while handling RLE, JPEG2000, H.264 and Sorenson encoded movie files.
- An error exists within the parsing of MP4 encoded files and .pict files.
- An off-by-one error can be exploited to cause a single byte buffer overflow.
- An error when handling audio samples.
- An error within the plugin's handling of QTMovie objects.
- An error when parsing the MediaVideo header in videos encoded with the PNG format.
- A signedness error within the handling of QTVR movie files.
- A boundary error in QuickTime.qts when extending a file path based on its short path.
Affected
QuickTime Player versions prior to 7.7.2 on Windows
References
Severity
Classification
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Windows)
- Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
- Adobe Flash Media Server Multiple Remote Security Vulnerabilities
- Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Mac OS X)