Vulnerabilities > CVE-2007-2389 - Unspecified vulnerability in Apple Quicktime 7.1.6
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN apple
nessus
Summary
Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets.
Vulnerable Configurations
Nessus
NASL family Windows NASL id QUICKTIME_716_SECUPD.NASL description The version of QuickTime installed on the remote Windows host is less than 7.1.6.200, the version associated with Apple last seen 2020-06-01 modified 2020-06-02 plugin id 25347 published 2007-05-30 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25347 title QuickTime < 7.1.6 Security Update (Windows) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(25347); script_version("1.12"); script_cve_id("CVE-2007-2388", "CVE-2007-2389"); script_bugtraq_id(24221, 24222); script_name(english:"QuickTime < 7.1.6 Security Update (Windows)"); script_summary(english:"Checks version of QuickTime on Windows"); script_set_attribute(attribute:"synopsis", value: "The remote Windows host contains an application that is affected by multiple issues." ); script_set_attribute(attribute:"description", value: "The version of QuickTime installed on the remote Windows host is less than 7.1.6.200, the version associated with Apple's Security Update (QuickTime 7.1.6). As a result, a remote attacker who can trick a user on the affected system into opening a malicious Java applet using QuickTime may be able to execute arbitrary code remotely subject to the user's privileges or to gain read access to the web browser's memory." ); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/?artnum=305531" ); script_set_attribute(attribute:"see_also", value:"https://lists.apple.com/archives/security-announce/2007/May/msg00005.html" ); script_set_attribute(attribute:"solution", value: "Either use QuickTime's Software Update preference to upgrade to the latest version or apply Apple's Security Update (QuickTime 7.1.6) or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(264); script_set_attribute(attribute:"plugin_publication_date", value: "2007/05/30"); script_set_attribute(attribute:"vuln_publication_date", value: "2007/05/29"); script_cvs_date("Date: 2018/11/15 20:50:28"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:quicktime"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc."); script_dependencies("quicktime_installed.nasl"); script_require_keys("SMB/QuickTime/Version"); exit(0); } ver = get_kb_item("SMB/QuickTime/Version"); if (isnull(ver)) exit(0); iver = split(ver, sep:'.', keep:FALSE); for (i=0; i<max_index(iver); i++) iver[i] = int(iver[i]); if ( iver[0] < 7 || ( iver[0] == 7 && ( iver[1] < 1 || ( iver[1] == 1 && ( iver[2] < 6 || (iver[2] == 6 && iver[3] < 200) ) ) ) ) ) { report = string( "Version ", ver, " of QuickTime is currently installed\n", "on the remote host.\n" ); security_hole(port:get_kb_item("SMB/transport"), extra:report); }NASL family MacOS X Local Security Checks NASL id MACOSX_QUICKTIME716_SECUPD.NASL description According to its version, the installation of Quicktime on the remote Mac OS X host that contains a bug which might allow a rogue Java program to write anywhere in the heap. An attacker may be able to leverage these issues to execute arbitrary code on the remote host by luring a victim into visiting a rogue page containing a malicious Java applet. last seen 2020-06-01 modified 2020-06-02 plugin id 25346 published 2007-05-30 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25346 title Quicktime Multiple Vulnerabilities (Mac OS X 7.1.6 Security Update) code # # (C) Tenable Network Security, Inc. # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(25346); script_version ("1.13"); script_cve_id("CVE-2007-2388", "CVE-2007-2389"); script_bugtraq_id(24221, 24222); script_name(english:"Quicktime Multiple Vulnerabilities (Mac OS X 7.1.6 Security Update)"); script_set_attribute(attribute:"synopsis", value: "The remote Mac OS X host contains an application that is prone to multiple attacks." ); script_set_attribute(attribute:"description", value: "According to its version, the installation of Quicktime on the remote Mac OS X host that contains a bug which might allow a rogue Java program to write anywhere in the heap. An attacker may be able to leverage these issues to execute arbitrary code on the remote host by luring a victim into visiting a rogue page containing a malicious Java applet." ); # http://web.archive.org/web/20070714134644/http://docs.info.apple.com/article.html?artnum=305531 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3f11b9bd" ); script_set_attribute(attribute:"solution", value: "Install the Quicktime 7.1.6 Security Update." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(264); script_set_attribute(attribute:"plugin_publication_date", value: "2007/05/30"); script_set_attribute(attribute:"vuln_publication_date", value: "2007/05/29"); script_set_attribute(attribute:"patch_publication_date", value: "2007/05/19"); script_cvs_date("Date: 2018/07/14 1:59:35"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:quicktime"); script_end_attributes(); script_summary(english:"Check for Quicktime 7.1.6 Security Update"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc."); script_family(english:"MacOS X Local Security Checks"); script_dependencies("macosx_Quicktime652.nasl"); script_require_keys("MacOSX/QuickTime/Version"); exit(0); } # ver = get_kb_item("MacOSX/QuickTime/Version"); if (! ver ) exit(0); packages = get_kb_item("Host/MacOSX/packages"); if ( ! packages ) exit(0); version = split(ver, sep:'.', keep:FALSE); if ( (int(version[0]) == 7 && int(version[1]) == 1 && int(version[2]) == 6) ) { if ( ! egrep(pattern:"^SecUpdQuickTime716\.pkg", string:packages) ) security_hole(0); }NASL family Windows NASL id QUICKTIME_72.NASL description The version of QuickTime installed on the remote Windows host is older than 7.2. Such versions contain several vulnerabilities that may allow an attacker to execute arbitrary code on the remote host if he can trick the user to open a specially crafted file with QuickTime. last seen 2020-06-01 modified 2020-06-02 plugin id 25703 published 2007-07-12 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25703 title QuickTime < 7.2 Multiple Vulnerabilities (Windows) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(25703); script_version("1.18"); script_cve_id("CVE-2007-2295", "CVE-2007-2296", "CVE-2007-2388", "CVE-2007-2389", "CVE-2007-2393", "CVE-2007-2396", "CVE-2007-2397", "CVE-2007-2402" ); script_bugtraq_id(23650, 23652, 24221, 24222, 24873); script_name(english:"QuickTime < 7.2 Multiple Vulnerabilities (Windows)"); script_summary(english:"Checks version of QuickTime on Windows"); script_set_attribute(attribute:"synopsis", value: "The remote Windows host contains an application that is affected by multiple issues." ); script_set_attribute(attribute:"description", value: "The version of QuickTime installed on the remote Windows host is older than 7.2. Such versions contain several vulnerabilities that may allow an attacker to execute arbitrary code on the remote host if he can trick the user to open a specially crafted file with QuickTime." ); script_set_attribute(attribute:"see_also", value:"http://seclists.org/fulldisclosure/2007/Jul/243" ); script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=305947" ); script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2007/Jul/msg00001.html" ); script_set_attribute(attribute:"solution", value: "Either use QuickTime's Software Update preference to upgrade to the latest version or manually upgrade to QuickTime 7.2 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(119, 189, 200, 264); script_set_attribute(attribute:"plugin_publication_date", value: "2007/07/12"); script_set_attribute(attribute:"vuln_publication_date", value: "2007/04/25"); script_cvs_date("Date: 2018/07/25 18:58:06"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:quicktime"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc."); script_dependencies("quicktime_installed.nasl"); script_require_keys("SMB/QuickTime/Version"); exit(0); } # ver = get_kb_item("SMB/QuickTime/Version"); if (isnull(ver)) exit(0); iver = split(ver, sep:'.', keep:FALSE); for (i=0; i<max_index(iver); i++) iver[i] = int(iver[i]); if (iver[0] < 7 || (iver[0] == 7 && iver[1] < 2)) { report = string( "Version ", ver, " of QuickTime is currently installed\n", "on the remote host.\n" ); security_hole(port:get_kb_item("SMB/transport"), extra:report); }NASL family MacOS X Local Security Checks NASL id MACOSX_QUICKTIME72.NASL description The version of QuickTime installed on the remote Mac OS X host is older than 7.2. Such versions contain several vulnerabilities that may allow an attacker to execute arbitrary code on the remote host if he can trick the user to open a specially crafted file with QuickTime. last seen 2020-06-01 modified 2020-06-02 plugin id 25704 published 2007-07-12 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25704 title QuickTime < 7.2 Multiple Vulnerabilities (Mac OS X) code # # (C) Tenable Network Security, Inc. # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if (description) { script_id(25704); script_version("1.20"); script_cve_id("CVE-2007-2295", "CVE-2007-2296", "CVE-2007-2388", "CVE-2007-2389", "CVE-2007-2392", "CVE-2007-2393", "CVE-2007-2394", "CVE-2007-2396", "CVE-2007-2397", "CVE-2007-2402"); script_bugtraq_id(23650, 23652, 24221, 24222, 24873); script_name(english:"QuickTime < 7.2 Multiple Vulnerabilities (Mac OS X)"); script_summary(english:"Checks version of QuickTime on Mac OS X"); script_set_attribute(attribute:"synopsis", value: "The remote Mac OS X host contains an application that is affected by multiple issues." ); script_set_attribute(attribute:"description", value: "The version of QuickTime installed on the remote Mac OS X host is older than 7.2. Such versions contain several vulnerabilities that may allow an attacker to execute arbitrary code on the remote host if he can trick the user to open a specially crafted file with QuickTime." ); script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=305947" ); script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2007/Jul/msg00001.html" ); script_set_attribute(attribute:"see_also", value:"http://seclists.org/fulldisclosure/2007/Jul/243" ); script_set_attribute(attribute:"solution", value: "Either use QuickTime's Software Update preference to upgrade to the latest version or manually upgrade to QuickTime 7.2 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(119, 189, 200, 264); script_set_attribute(attribute:"plugin_publication_date", value: "2007/07/12"); script_set_attribute(attribute:"vuln_publication_date", value: "2007/04/25"); script_cvs_date("Date: 2018/07/14 1:59:35"); script_set_attribute(attribute:"patch_publication_date", value: "2007/07/11"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:quicktime"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc."); script_dependencies("macosx_Quicktime652.nasl"); script_require_keys("MacOSX/QuickTime/Version"); exit(0); } # ver = get_kb_item("MacOSX/QuickTime/Version"); if (! ver ) exit(0); version = split(ver, sep:'.', keep:FALSE); if ( (int(version[0]) < 7) || (int(version[0]) == 7 && int(version[1]) < 2 ) ) security_hole(0);
References
- http://lists.apple.com/archives/security-announce/2007/May/msg00005.html
- http://lists.apple.com/archives/security-announce/2007/May/msg00005.html
- http://secunia.com/advisories/25130
- http://secunia.com/advisories/25130
- http://www.kb.cert.org/vuls/id/434748
- http://www.kb.cert.org/vuls/id/434748
- http://www.osvdb.org/35575
- http://www.osvdb.org/35575
- http://www.securityfocus.com/bid/24222
- http://www.securityfocus.com/bid/24222
- http://www.securitytracker.com/id?1018136
- http://www.securitytracker.com/id?1018136
- http://www.vupen.com/english/advisories/2007/1974
- http://www.vupen.com/english/advisories/2007/1974
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34571
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34571