ID de Prueba:	1.3.6.1.4.1.25623.1.0.800578
Categoría:	Denial of Service
Título:	Apple QuickTime Multiple Vulnerabilities (Jun 2009)
Resumen:	Apple QuickTime is prone to Multiple Vulnerabilities.
Descripción:	Summary: Apple QuickTime is prone to Multiple Vulnerabilities. Vulnerability Insight: The flaws are due to - an unspecified error while handling malicious 1)FLC compression files, 2)compressed PSD images, 3)PICT images, 4)JP2 images. - an error in the parsing of Sorenson Video 3 content. - a boundary error in the processing of MS ADPCM encoded audio data. - an error due to the usage of uninitialised memory when a movie with a user data atom size of zero is viewed. - a sign extension error while the handling malicious image description atoms in an Apple video file. Vulnerability Impact: Successful exploitation allows attackers to execute arbitrary code, cause memory corruption or unexpected application termination via specially crafted files, images and videos. Affected Software/OS: Apple QuickTime version prior to 7.6.2 on Windows. Solution: Upgrade to Apple QuickTime version 7.6.2 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0951 http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html BugTraq ID: 35161 http://www.securityfocus.com/bid/35161 http://osvdb.org/54878 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16098 http://www.securitytracker.com/id?1022314 http://secunia.com/advisories/35091 http://www.vupen.com/english/advisories/2009/1469 XForce ISS Database: quicktime-flc-bo(50887) https://exchange.xforce.ibmcloud.com/vulnerabilities/50887 Common Vulnerability Exposure (CVE) ID: CVE-2009-0952 BugTraq ID: 35168 http://www.securityfocus.com/bid/35168 http://osvdb.org/54877 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15793 Common Vulnerability Exposure (CVE) ID: CVE-2009-0953 BugTraq ID: 35164 http://www.securityfocus.com/bid/35164 http://osvdb.org/54876 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15939 XForce ISS Database: quicktime-pictfile-bo(50890) https://exchange.xforce.ibmcloud.com/vulnerabilities/50890 Common Vulnerability Exposure (CVE) ID: CVE-2009-0954 BugTraq ID: 35167 http://www.securityfocus.com/bid/35167 http://osvdb.org/54875 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15344 XForce ISS Database: quicktime-crgn-bo(50892) https://exchange.xforce.ibmcloud.com/vulnerabilities/50892 Common Vulnerability Exposure (CVE) ID: CVE-2009-0955 BugTraq ID: 35166 http://www.securityfocus.com/bid/35166 http://osvdb.org/54874 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16159 XForce ISS Database: quicktime-image-description-code-exec(50895) https://exchange.xforce.ibmcloud.com/vulnerabilities/50895 Common Vulnerability Exposure (CVE) ID: CVE-2009-0956 BugTraq ID: 35162 http://www.securityfocus.com/bid/35162 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16188 XForce ISS Database: quicktime-userdata-code-execution(50896) https://exchange.xforce.ibmcloud.com/vulnerabilities/50896 Common Vulnerability Exposure (CVE) ID: CVE-2009-0957 BugTraq ID: 35165 http://www.securityfocus.com/bid/35165 http://osvdb.org/54873 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16155 XForce ISS Database: quicktime-jp2-bo(50898) https://exchange.xforce.ibmcloud.com/vulnerabilities/50898 Common Vulnerability Exposure (CVE) ID: CVE-2009-0185 BugTraq ID: 35163 http://www.securityfocus.com/bid/35163 Bugtraq: 20090602 Secunia Research: Apple QuickTime MS ADPCM Encoding Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/504006/100/0/threaded http://secunia.com/secunia_research/2009-6/ http://osvdb.org/54879 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15727 XForce ISS Database: quicktime-msadpcm-bo(50894) https://exchange.xforce.ibmcloud.com/vulnerabilities/50894 Common Vulnerability Exposure (CVE) ID: CVE-2009-0188 BugTraq ID: 35159 http://www.securityfocus.com/bid/35159 Bugtraq: 20090602 Secunia Research: QuickTime Sorenson Video 3 Content Parsing Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504007/100/0/threaded http://secunia.com/secunia_research/2009-10/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16085 XForce ISS Database: quicktime-sorensonvideo-code-execution(50886) https://exchange.xforce.ibmcloud.com/vulnerabilities/50886
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.