|
Apple QuickTime Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA17428
|
|
|
Release Date:
|
2005-11-04
|
|
Last Update:
|
2005-11-09
|
|
Popularity:
|
28,055 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Apple Quicktime 6.x
Apple QuickTime 7.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2005-2753
CVE-2005-2754
CVE-2005-2755
CVE-2005-2756
|
|
Description:
Piotr Bania has reported some vulnerabilities in Apple QuickTime, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
1) An integer overflow error exists in the handling of a "Pascal" style string when loading a ".mov" video file. This can result in memory overwrite due to a large memory copy, potentially allowing arbitrary code execution via a specially crafted video file.
2) An integer overflow error exists in the handling of certain movie attributes when loading a ".mov" video file. This can result in memory overwrite due to a large memory copy, potentially allowing arbitrary code execution via a specially crafted video file.
3) A NULL pointer dereferencing error exists when handling certain missing movie attributes from a video file. This may be exploited to crash an application that uses QuickTime when a specially crafted video file is loaded.
4) A boundary error exists in the QuickTime PictureViewer when decompressing PICT data. This may be exploited to cause a memory overwrite, potentially allowing arbitrary code execution via a specially crafted PICT picture file.
The vulnerabilities have been reported in the following versions:
* QuickTime version 6.5.2 and 7.0.1 for Mac OS X.
* QuickTime versions 7.x prior to 7.0.3 for Windows.
Prior versions may also be affected.
Solution:
Update to version 7.0.3.
http://www.apple.com/support/downloads/quicktime703.html
Provided and/or discovered by:
Piotr Bania
Changelog:
2005-11-09: Added link to US-CERT vulnerability note.
Original Advisory:
Apple:
http://docs.info.apple.com/article.html?artnum=302772
Piotr Bania:
http://pb.specialised.info/all/adv/quicktime-mov-io1-adv.txt
http://pb.specialised.info/all/adv/quicktime-mov-io2-adv.txt
http://pb.specialised.info/all/adv/quicktime-mov-dos-adv.txt
http://pb.specialised.info/all/adv/quicktime-pict-adv.txt
Other References:
US-CERT VU#855118:
http://www.kb.cert.org/vuls/id/855118
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
