|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-07-06 | |
| Rule Name: | Apple Quicktime for Windows QTPlugin.ocx ActiveX Control SetMatrix Denial of Service Vulnerability (CVE-2008-0778) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods. | |
| Impact: | An attacker can launch a denial of service attack by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | SecurityFocusBID:27769 ExploitDB:5110 http://securityreason.com/securityalert/3652 http://www.securityfocus.com/archive/1/488045/100/0/threaded |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://support.apple.com/downloads/QuickTime_7_4_5_for_Windows |