Vulnerabilities > CVE-2010-1819 - Unspecified vulnerability in Apple Quicktime
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN apple
nessus
Summary
Untrusted search path vulnerability in the Picture Viewer in Apple QuickTime before 7.6.8 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) CoreVideo.dll, (2) CoreGraphics.dll, or (3) CoreAudioToolbox.dll that is located in the same folder as a .pic image file.
Vulnerable Configurations
Nessus
| NASL family | Windows |
| NASL id | QUICKTIME_768.NASL |
| description | The version of QuickTime installed on the remote Windows host is older than 7.6.8. Such versions are reportedly affected by two vulnerabilities : - An input validation issue in the QTPlugin.ocx ActiveX control could allow an attacker to force the application to jump to a location in memory controlled by the attacker through the optional |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 49260 |
| published | 2010-09-16 |
| reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/49260 |
| title | QuickTime < 7.6.8 Multiple Vulnerabilities (Windows) |
References
- http://lists.apple.com/archives/security-announce/2010/Sep/msg00003.html
- http://lists.apple.com/archives/security-announce/2010/Sep/msg00003.html
- http://support.apple.com/kb/HT4339
- http://support.apple.com/kb/HT4339
- http://www.fortiguard.com/advisory/FGA-2010-46/
- http://www.fortiguard.com/advisory/FGA-2010-46/