Vulnerabilities > CVE-2005-0903 - Buffer Overflow vulnerability in Apple Quicktime Pictureviewer 6.5.1

047910
CVSS 2.6 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
high complexity
apple
nessus
exploit available

Summary

Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data.

Vulnerable Configurations

Part Description Count
Application
Apple
1

Exploit-Db

description: Apple QuickTime 6.5.1 PictureViewer Buffer Overflow Vulnerability. CVE-2005-0903. DoS exploit for the Windows platform
id: EDB-ID:25281
last seen: 2016-02-03
modified: 2005-03-26
published: 2005-03-26
reporter: [email protected]
source: https://www.exploit-db.com/download/25281/
title: Apple QuickTime 6.5.1 PictureViewer Buffer Overflow Vulnerability

Nessus

NASL family: Windows
NASL id: QUICKTIME_PICTUREVIEWER_OVERFLOW.NASL
description: The remote host is using QuickTime, a popular media player/plug-in that handles many media files. The remote version of this software contains a buffer overflow vulnerability in its PictureViewer that could allow an attacker to execute arbitrary code on the remote host. To exploit this vulnerability, an attacker needs to send a malformed image file to a victim on the remote host and wait for it to be opened using QuickTime PictureViewer.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 17637
published: 2005-03-28
reporter: This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/17637
title: QuickTime < 6.5.2 PictureViewer Malformed JPEG Overflow (Windows)
code
#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");

# Registration pass: when `description` is set, this block only records the
# plugin's metadata and then exits, so the version check further down is not
# reached on that pass.
if (description)
{
  # Identity and cross-references (plugin id, CVE, Bugtraq id).
  script_id(17637);
  script_version("1.15");
  script_cve_id("CVE-2005-0903");
  script_bugtraq_id(12905);

  script_name(english:"QuickTime < 6.5.2 PictureViewer Malformed JPEG Overflow (Windows)");

  # Report text shown to the analyst. The strings are runtime data; the line
  # breaks inside the description are part of the value.
  script_set_attribute(attribute:"synopsis", value:"Arbitrary code may be run on the remote host.");
  script_set_attribute(attribute:"description", value:"The remote host is using QuickTime, a popular media player/Plug-in
that handles many Media files.

The remote version of this software contains a buffer overflow vulnerability
in its PictureViewer that could allow an attacker to execute arbitrary code
on the remote host.

To exploit this vulnerability, an attacker needs to send a malformed image
file to a victim on the remote host and wait for it to be opened using
QuickTime PictureViewer");
  script_set_attribute(attribute:"solution", value:"Upgrade to QuickTime version 6.5.2 or later.");

  # NOTE(review): this base vector (network, low complexity, partial C/I/A)
  # rates the flaw as code execution, in line with the synopsis above. The
  # CVE-2005-0903 summary describes only a denial of service (application
  # crash on crafted Huffman table data), so confirm which rating your triage
  # process should follow before prioritising on this plugin's severity alone.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  # Temporal metrics: proof-of-concept exploit, official fix, confirmed report.
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_publication_date", value:"2005/03/28");
  script_set_attribute(attribute:"vuln_publication_date", value:"2005/03/27");
  script_cvs_date("Date: 2018/07/25 18:58:06");
  # Declared as a local check: the result comes from a version string already
  # stored in the knowledge base, not from probing the application.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:quicktime");
  script_end_attributes();

  script_summary(english:"Determines the version of QuickTime Player/Plug-in");
  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
  script_family(english:"Windows");

  # Scheduling: run after quicktime_installed.nasl (presumably the script that
  # writes SMB/QuickTime/Version) and only when that key exists. A host where
  # the key was never set is therefore not evaluated at all, which is not the
  # same as "not vulnerable".
  script_dependencies("quicktime_installed.nasl");
  script_require_keys("SMB/QuickTime/Version");

  exit(0);
}


# Version check: report the host when the QuickTime version stored in the
# knowledge base is older than 6.5.2. This is a version comparison only; the
# JPEG parsing flaw itself is not exercised.
#
# The pattern accepts any string starting with "0." to "5.", any string
# starting with "6.0." to "6.4.", and exactly "6.5.0" or "6.5.1" (the `$`
# anchor applies to that last branch only).
# NOTE(review): a version string with a different number of components, such
# as "6.4" or "6.5.1.<build>" (constructed examples), would not match the 6.x
# branches and the host would go unreported. Confirm the format that
# quicktime_installed.nasl writes to this key.
qt_version = get_kb_item("SMB/QuickTime/Version");
if (qt_version)
{
  if (qt_version =~ "^([0-5]\.|6\.([0-4]\.|5\.[01]$))")
  {
    # The finding is attached to the port recorded under SMB/transport.
    # NOTE(review): no fallback is visible here if that key is unset; verify
    # how the report is filed in that case.
    smb_port = get_kb_item("SMB/transport");
    security_hole(smb_port);
  }
}