Apple QuickTime 'file:' URI File Execution Vulnerability

Bugtraq ID: 29650
Class: Design Error
CVE: CVE-2008-1585
Remote: Yes
Local: No
Published: Jun 09 2008 12:00AM
Updated: Jun 11 2008 07:32PM
Credit: Vinoo Thomas, Rahul Mohandas, and Petko D. (pdp) Petkov
Vulnerable: Apple QuickTime Player 7.4.5
+ Apple Mac OS X 10.4.9
+ Apple Mac OS X 10.3.9
+ Apple Mac OS X 10.5
+ Apple Mac OS X Server 10.4.9
+ Apple Mac OS X Server 10.3.9
+ Apple Mac OS X Server 10.5
Apple QuickTime Player 7.4.1
Apple QuickTime Player 7.3.1 .70
Apple QuickTime Player 7.3.1
Apple QuickTime Player 7.1.6
Apple QuickTime Player 7.1.5
Apple QuickTime Player 7.1.4
Apple QuickTime Player 7.1.3
Apple QuickTime Player 7.1.2
Apple QuickTime Player 7.1.1
Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.0
Apple QuickTime Player 7.4
Apple QuickTime Player 7.4
Apple QuickTime Player 7.3
Apple QuickTime Player 7.2
Apple QuickTime Player 7.1
Not Vulnerable: Apple QuickTime Player 7.5


 

Privacy Statement
Copyright 2010, SecurityFocus