Infesting you with Virus News
 

Vulnerabilities

Apple QuickTime before version 7.6.2 DDOS vulnerability (PC1-2009-1478)

Overview

Vulnerability chart

Risk level
  • Low
  • Medium
  • High
  • Extreme
  • Severe
Warning: security vulnerability level = severe
88 vulnerabilities(-y) found between 1 April, 2003 and 10 September, 2009.
QuickTime is a multimedia framework developed by Apple Inc. It can handle... more
See also: Quicktime, QuickTime Java, QuickTime Player, Apple QuickTime MPEG-2 Playback Component, Apple QuickTime Player, The Apple QuickTime, Apple's QuickTime, Apple QuickTime PictureViewer, Apple's QuickTime Player, QuickTime
65 files found: PLAYER.EXE, FILTERS.EXE, QTNOTIFY.EXE, VIEWER.EXE, STEREO.EXE, EACHPIC.EXE, BIGEIGHT.EXE, EACHMOV.EXE, WINPLAY1.EXE, QTHNDLR.DLL, QTIM.DLL, PLAYENU.DLL, SETUPENU.DLL, QTIMCMGR.DLL, MCIQTENU.DLL... more
DDOS vulnerability was found in Apple QuickTime before 7.6.2.
DDOS
Yes, patch
is available
Patch is easy
to implement

References to Advisories, Solutions, and Tools

Description:

By using this particular vulnerability, remote attackers are enabled to execute arbitrary code or cause a denial of service that is memory corruption and application crash. This may be done through a crafted movie. It is made of a Sorenson 3 video file.

Impact:

By this type of vulnerability, information can be revealed and changes can be made without any authorization. Also, a service can be broken up.

Solution:

We recommend users who have faced this particular vulnerability, to apply the updates and upgrade their installations.

References:http://www.vupen.com/english/advisories/2009/1469
http://support.apple.com/kb/HT3591
http://support.apple.com/kb/HT3591
http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html
http://www.securityfocus.com/bid/35159
http://secunia.com/secunia_research/2009-10/
http://secunia.com/advisories/35091

Impact

CVSS Severity

CVSS Version 2 Metrics:

CVSS v2 Base Score:9.3 (HIGH)Access Vector:N/A
Impact Subscore: 10.0Access Complexity: Medium
Exploitability Subscore: 8.6Authentication: Not required to exploit
Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

Say something interesting!

Name:
Email:
Website:
Comment:
Please type 5-digit security code below:
Captcha image for spam protection

Featured Videos

Registry Tutorials
From: PC1News Videos
Added: November 11, 2008
more videos

Latest Comments

Generic Dropper.p
September 6, 2010
magic story very thanks more..
Generic Dropper.p
September 6, 2010
good material thanks more..
Generic Dropper.p
September 6, 2010
I'm happy very good site more..
more comments..
rss
Home | Files | Programs | Latest Comments | About us | Privacy Policy | Contributors | Write For Us | Contact Us
© 2008 - 2010 pc1news.com - All rights reserved.
Home  Tips  Downloads Videos Virus List Vulnerabilities
Home > Vulnerabilities > pc1-2009-1478