Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:ACTIVEX:QTPLUGINX |
|---|---|
Severity |
Major |
Recommended |
No |
Category |
HTTP |
Keywords |
Apple Quicktime QTPlugin.ocx ActiveX Control |
Release Date |
2013/01/14 |
Update Number |
2224 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Apple Quicktime QTPlugin.ocx ActiveX Control
This signature detects attempts to use unsafe ActiveX controls in Apple QuickTime. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTMovie object.
Affected Products
- Apple quicktime 3.0
- Apple quicktime 4.1.2
- Apple quicktime 5.0
- Apple quicktime 5.0.1
- Apple quicktime 5.0.2
- Apple quicktime 6.0
- Apple quicktime 6.0.0
- Apple quicktime 6.0.1
- Apple quicktime 6.0.2
- Apple quicktime 6.1
- Apple quicktime 6.1.0
- Apple quicktime 6.1.1
- Apple quicktime 6.2.0
- Apple quicktime 6.3.0
- Apple quicktime 6.4.0
- Apple quicktime 6.5
- Apple quicktime 6.5.0
- Apple quicktime 6.5.1
- Apple quicktime 6.5.2
- Apple quicktime 7.0
- Apple quicktime 7.0.0
- Apple quicktime 7.0.1
- Apple quicktime 7.0.2
- Apple quicktime 7.0.3
- Apple quicktime 7.0.4
- Apple quicktime 7.1
- Apple quicktime 7.1.0
- Apple quicktime 7.1.1
- Apple quicktime 7.1.2
- Apple quicktime 7.1.3
- Apple quicktime 7.1.4
- Apple quicktime 7.1.5
- Apple quicktime 7.1.6
- Apple quicktime 7.2
- Apple quicktime 7.2.0
- Apple quicktime 7.2.1
- Apple quicktime 7.3
- Apple quicktime 7.3.0
- Apple quicktime 7.3.1
- Apple quicktime 7.3.1.70
- Apple quicktime 7.4
- Apple quicktime 7.4.0
- Apple quicktime 7.4.1
- Apple quicktime 7.4.5
- Apple quicktime 7.5.0
- Apple quicktime 7.5.5
- Apple quicktime 7.6.0
- Apple quicktime 7.60.92.0
- Apple quicktime 7.6.1
- Apple quicktime 7.6.2
- Apple quicktime 7.62.14.0
- Apple quicktime 7.64.17.73
- Apple quicktime 7.6.5
- Apple quicktime 7.65.17.80
- Apple quicktime 7.6.6
- Apple quicktime 7.66.71.0
- Apple quicktime 7.6.7
- Apple quicktime 7.67.75.0
- Apple quicktime 7.6.8
- Apple quicktime 7.68.75.0
- Apple quicktime 7.6.9
- Apple quicktime 7.69.80.9
- Apple quicktime 7.7.0
- Apple quicktime 7.7.1
References
- BugTraq: 53577
- BugTraq: 27769
- BugTraq: 42841
- CVE: CVE-2012-3754
- CVE: CVE-2008-0778
- CVE: CVE-2010-1818
- CVE: CVE-2012-0666