Multiple Browser QuickTime Command Execution
Severity: : Critical
CVE Kennungen: : CVE-2007-5045,CVE-2007-4673
Advisory Date: 21 de июля de 2015
DESCRIPTION
Mozilla Firefox or Microsoft Internet Explorer when used with Quicktime can be used to remotely execute commands with chrome privileges.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1001100
Trend Micro Deep Security DPI Rule Name: 1001100 - Multiple Browser QuickTime Command Execution
AFFECTED SOFTWARE AND VERSION:
- Apple Quicktime 7.1.5
- Microsoft Internet Explorer
- Mozilla Firefox 2.0.0.6