Apple.QuickTime.Plugin.Arbitrary.Script.Execution.Weakness
Description
This indicates a security bypass vulnerability in the Apple QuickTime browser plug-in. The flaw is caused by lacking of security checks on the "qtnext" parameter of the QuickTime Media Link files "embed" tag.
Affected Products
Apple QuickTime Plug-In 7.1.3
Impact
Arbitrary script code execution.
Recommended Actions
As of October 17, 2006, Fortinet is unaware of any vendor-released updates for this vulnerability.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |