By default QuickTimePlayer installation does't come with CoreFoundation.dll but QT Player tries to load the DLL when started.
Create any malicious DLL and rename it to CoreFoundation.dll, copy to C:\Program Files (x86)\QuickTime\
After copying the DLL if we start QuickTimePlayer we will execute the code part of malicious DLL leading to DLL Injection.
Location: C:\Program Files (x86)\QuickTime\CoreFoundation.dll
Application: QuickTime 7.7.2
OS: Windows 7 Ultimate N SP1
Apples response
After examining your report we do not see any actual security implications.
Writing a file to the C:\Program Files (x86)\QuickTime directory requires local
administrative privileges.
No comments:
Post a Comment