Multiple Browser QuickTime Command Execution
Severity: CRITICAL
CVE Identifier: CVE-2007-5045,CVE-2007-4673
Advisory Date: JUL 21, 2015
DESCRIPTION
Mozilla Firefox or Microsoft Internet Explorer when used with Quicktime can be used to remotely execute commands with chrome privileges.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1001100
Trend Micro Deep Security DPI Rule Name: 1001100 - Multiple Browser QuickTime Command Execution
AFFECTED SOFTWARE AND VERSION
- Apple Quicktime 7.1.5
- Microsoft Internet Explorer
- Mozilla Firefox 2.0.0.6