|
Multiple vulnerabilities in Apple QuickTime 7.x |
|
|
|
|
Written by crashoveride
|
|
Saturday, 14 June 2008 |
|
Systems Affected
• Apple QuickTime Player 7.4
• Apple QuickTime Player 7.3
• Apple QuickTime Player 7.2
• Apple QuickTime Player 7.1
• Apple QuickTime Player 7.x
in Mac OS X, Windows Vista, Windows XP SP2 platforms.
Overview
Multiple vulnerabilities have been reported in Apple QuickTime that
could be exploited by the remote attackers to cause a denial of service
(i.e. application crash) and execute arbitrary code.These
vulnerabilities can be exploited by persuading the users to open
specially media files.
Description
1. PICT image PixData structures Heap Buffer overflow Vulnerability)
This vulnerability is caused due to a ‘heap-based buffer overflow'
condition while handling the ‘PixData structures' in the processing of
PICT files. An attacker could exploit this vulnerability by persuading
the users to open a specially crafted PICT file. Successful
exploitation of this vulnerability may result in unexpected application
termination or arbitrary code execution. This vulnerability does no
affect Mac OS X systems.
2. AAC-encoded media Memory corruption Vulnerability
This
vulnerability is caused due to improper handling of AAC-encoded media
files in Apple QuickTime. The attacker could exploit this vulnerability
by creating a specially crafted AAC-encoded media file and persuade
user to open the same. Opening a maliciously crafted media file causes
a memory corruption issue, which may lead to an unexpected application
termination or arbitrary code execution.
3. PICT image Heap Buffer overflow Vulnerability
This vulnerability is caused due to a ‘heap-based buffer overflow'
condition when processing the PICT files in Apple QuickTime. An
attacker could exploit this vulnerability by persuading the users to
open a specially crafted PICT image. Successful exploitation of this
vulnerability may result in unexpected application termination or
arbitrary code execution.
4. Indeo video media Stack Buffer overflow Vulnerability
This vulnerability is caused due to improper bounds checking within the
‘Indeo.qtx' when parsing the Quicktime files that utilizes the Indeo
video codec. The attacker could exploit this vulnerability by creating
a specially crafted Indeo video codec content and persuade user to open
the same. Opening a maliciously crafted media file causes Stack Buffer
overflow, which eventually leads to an unexpected application
termination or arbitrary code execution.
5. Embedded SMIL text improper URL handling Vulnerability
This vulnerability is caused due to improper handling of ‘SMIL text'
embedded in video formats. The ‘qt:next' attribute is not sanitized
before passing it to ‘url.dll!FileProtocolHandler'. An attacker could
exploit this vulnerability by persuading the users to open a specially
crafted QuickTime content in QuickTime Player. Successful exploitation
of this vulnerability may result in arbitrary code
Solution
Update to version 7.5.
QuickTime 7.5 for Windows:
http://www.apple.com/support/downloads/quicktime75forwindows.html
Vendor Information
Apple Inc
http://lists.apple.com/archives/security-announce/2008/Jun/msg00000.html
|
|
Last Updated ( Saturday, 11 December 2010 )
|
