Vulnerabilities > CVE-2008-4095 - Unspecified vulnerability in Flip4Mac WMV

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
flip4mac
critical
nessus

Summary

Multiple unspecified vulnerabilities in the Importer in Flip4Mac WMV before 2.2.1 have unknown impact and attack vectors, different vulnerabilities than CVE-2007-6713.

Nessus

NASL family: MacOS X Local Security Checks
NASL id: MACOSX_FLIP4MAC_221.NASL
description: The remote Mac OS X host is running a version of Flip4Mac that contains an unspecified vulnerability in its decoder. Flip4Mac is an extension that lets users read '.wmv' movie files. By enticing a user on the remote host to read a malformed '.wmv' file, an attacker may be able to execute arbitrary commands on the remote system.
last seen: 2020-03-18
modified: 2008-10-01
plugin id: 34322
published: 2008-10-01
reporter: This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/34322
title: Mac OS X : Flip4Mac < 2.2.1 Unspecified Vulnerability
code
#TRUSTED 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
#
# (C) Tenable Network Security, Inc.
#

# Stop immediately on engines that do not define bn_random().
# NOTE(review): presumably a capability check for the engine features the
# SSH helpers used further down depend on - confirm.
if ( ! defined_func("bn_random") ) exit(0);

include("compat.inc");

# Registration phase: when `description` is set, the script only declares its
# metadata and then exits (see the exit(0) at the end of this block); the
# actual check further down is not run in this pass.
if (description)
{
 # Plugin identity and revision.
 script_id(34322);
 script_version("1.13");
 script_set_attribute(attribute:"plugin_modification_date", value:"2018/07/14");

 # External references for the issue this plugin reports.
 script_cve_id("CVE-2008-4095");
 script_bugtraq_id(31505);

 script_name(english:"Mac OS X : Flip4Mac < 2.2.1 Unspecified Vulnerability");
 script_summary(english:"Check for Flip4Mac on the remote host");

 script_set_attribute(attribute:"synopsis", value:"The remote host is affected by a vulnerability in its WMV decoder.");
 script_set_attribute(attribute:"description", value:
"The remote Mac OS X host is running a version of Flip4Mac that contains
an unspecified vulnerability in its decoder. 

Flip4Mac is an extension that lets users read '.wmv' movie files.  By
enticing a user on the remote host to read a malformed '.wmv' file, an
attacker may be able to execute arbitrary commands on the remote
system.");
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f1935549");
 script_set_attribute(attribute:"solution", value:"Upgrade to Flip4Mac Version 2.2.1 or later.");
 # CVSS v2 base vector: network access vector, medium access complexity, no
 # authentication, complete confidentiality/integrity/availability impact.
 # AC:M matches the description above, where a user has to open a malformed
 # file for the issue to be triggered.
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
 # CVSS v2 temporal vector: exploitability unproven, official fix available,
 # report confirmed.
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");

 script_set_attribute(attribute:"patch_publication_date", value:"2008/09/15");
 script_set_attribute(attribute:"plugin_publication_date", value:"2008/10/01");
 # "local": the check reads the installed bundle's version on the host
 # itself (locally or over SSH) instead of probing a network service.
 script_set_attribute(attribute:"plugin_type", value:"local");
 script_end_attributes();

 # NOTE(review): ACT_GATHER_INFO is presumably the information-gathering
 # category, i.e. no intrusive testing - confirm.
 script_category(ACT_GATHER_INFO);

 script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.");
 script_family(english:"MacOS X Local Security Checks");

 # Declares ssh_get_info.nasl as a dependency and requires the
 # "Host/MacOSX/packages" KB key, which the check below reads before doing
 # anything else.
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/MacOSX/packages");
 exit(0);
}

include("misc_func.inc");
include("ssh_func.inc");
include("macosx_func.inc");



# Turn the SSH wrapper functions on only when the SSH library reports that it
# supports running commands; otherwise turn them off.
if ( sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS )
{
  enable_ssh_wrappers();
}
else
{
  disable_ssh_wrappers();
}

# Build the shell pipeline that prints one string value from a bundle's
# Info.plist.
#
#   file  : bundle name; "/Contents/Info.plist" is appended to it
#   path  : directory to cd into first (may be NULL, in which case no cd is
#           emitted)
#   label : plist key to look for, e.g. CFBundleVersion
#
# Returns the command as a string; nothing is executed here. The pipeline
# greps for the label, keeps the line that follows it and strips the
# surrounding <string>...</string> markup with sed.
#
# NOTE(review): only spaces in `file` and `path` are backslash-escaped and
# `label` is inserted unquoted. The one call site in this script passes fixed
# strings; keep it that way, because the result is handed to a shell.
function _GetBundleVersionCmdInfo(file, path, label )
{
 local_var plist_suffix, reader, shell_cmd;

 reader       = "cat";
 plist_suffix = "/Contents/Info.plist";

 # Escape spaces so the shell sees the bundle name as a single word.
 file = str_replace(find:' ', replace:'\\ ', string:file);

 # Optional "cd <path> &&" prefix; errors from cd are discarded.
 shell_cmd = "";
 if ( !isnull(path) )
 {
  path = str_replace(find:' ', replace:'\\ ', string:path);
  shell_cmd = "cd " + path + " 2>/dev/null && ";
 }

 shell_cmd += reader + " " + file + plist_suffix + "|grep -A 1 " + label + " " + '| tail -n 1 | sed \'s/.*string>\\(.*\\)<\\/string>.*/\\1/g\'';
 return shell_cmd;
}


# Run `cmd` on the scanned host and return its output without the trailing
# newline.
#
# When the target is the local host the command is run through
# "/bin/bash -c"; otherwise it is sent over an SSH connection that is opened
# and closed inside this function.
#
# The plugin exits (exit(0)) instead of returning when the SSH connection
# cannot be opened or when the output does not start with a digit, so a
# caller only ever sees output that begins like a version number.
function exec(cmd)
{
 local_var session, output;

 if ( ! islocalhost() )
 {
  session = ssh_open_connection();
  if ( ! session ) exit(0);
  output = ssh_cmd(cmd:cmd);
  ssh_close_connection();
 }
 else
 {
  output = pread(cmd:"/bin/bash", argv:make_list("bash", "-c", cmd));
 }

 # Anything that does not begin with a digit is not treated as a version.
 if ( output !~ "^[0-9]" ) exit(0);

 return chomp(output);
}


# Main check: read the CFBundleVersion of the Flip4Mac WMV importer and
# report the host when that version is below 2.2.1.11.

# Nothing to do unless the package list KB item was collected for this host.
packages = get_kb_item("Host/MacOSX/packages");
if ( ! packages ) exit(0);

uname = get_kb_item("Host/uname");
if ( egrep(pattern:"Darwin.* ", string:uname) )
{
 cmd = _GetBundleVersionCmdInfo(file:"Flip4Mac WMV Import.component", path:"/Library/QuickTime", label:"CFBundleVersion");
 buf = exec(cmd:cmd);
 if ( ! strlen(buf) ) exit(0);

 # Split "a.b.c.d" into its numeric components.
 # NOTE(review): a version string with fewer than four components leaves the
 # missing ones to whatever int() returns for an absent element (presumably
 # 0, which would make a plain "2.2.1" compare as older than 2.2.1.11) -
 # confirm against the versions the vendor actually ships.
 ver   = split(buf, sep:'.', keep:FALSE);
 major = int(ver[0]);
 minor = int(ver[1]);
 patch = int(ver[2]);
 build = int(ver[3]);

 # Fixed in version 2.2.1.11: compare component by component.
 vulnerable = FALSE;
 if ( major < 2 )
   vulnerable = TRUE;
 else if ( major == 2 )
 {
   if ( minor < 2 )
     vulnerable = TRUE;
   else if ( minor == 2 )
   {
     if ( patch < 1 )
       vulnerable = TRUE;
     else if ( patch == 1 && build < 11 )
       vulnerable = TRUE;
   }
 }

 if ( vulnerable )
 {
   security_hole(0);
 }
}