The number of unpatched QuickTime flaws is: two

The number of recent QuickTime PoC’s is remarkable large and the active exploitation has begun as well, as many of the readers know.

However, the QuickTime RTSP vulnerability reported on 23th Nov is not the only one.

It appears that WabiSabiLabi team has reported that there is another (they call it zero-day vuln) flaw in Apple’s QuickTime player too.

This is what their blog post states:

We just want to specify that the vulnerability shown on those POCs IS NOT the one present in our marketplace.

They are pointing to PoCs listed at Milw0rm etc.

And a summary:

The first issue reported by Krystian Kloskowski (aka h07) is CVE-2007-6166 – CVSS score 9.3. For workarounds see US-CERT VU#659761.

The second issue reported by unknown person is CVE-2007-6238 – CVSS score 10.0. Reportedly ‘Affected system: Windows XP’.