Apple QuickTime "QTPlugin.ocx" Trusted Parameter Value Vulnerability
RISK: Medium Risk
A vulnerability has been identified in Apple QuickTime, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a memory trust error in the "QTPlugin.ocx" plugin when using the "_Marshaled_pUnk" parameter value as a pUnknown pointer, which could allow attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
Impact
- Remote Code Execution
System / Technologies affected
- QuickTime version 7.6.7 and prior
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Upgrade to QuickTime version 7.6.8 :
http://www.apple.com/quicktime/download/
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with