Apple QuickTime Java Extension Code Execution - Secunia Research

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

Secunia Research: Apple QuickTime Java Extension Code Execution

====================================================================== Secunia Research 30/05/2007 - Apple QuickTime Java Extension Code Execution - ====================================================================== Table of Contents Affected Software....................................................1 Severity.............................................................2 Vendor's Description of Software.....................................3 Description of Vulnerability.........................................4 Solution.............................................................5 Time Table...........................................................6 Credits..............................................................7 References...........................................................8 About Secunia........................................................9 Verification........................................................10 ====================================================================== 1) Affected Software * Apple Quicktime 7.1.6 NOTE: Prior versions may also be affected. ====================================================================== 2) Severity Rating: Highly critical Impact: System access Where: From remote ====================================================================== 3) Vendor's Description of Software "Whether you are creating content for delivery on cell phones, broadcast or the Internet, or a software developer looking to take your application to the next level, QuickTime provides the most comprehensive platform in the industry." Product Link: http://www.apple.com/quicktime/ ====================================================================== 4) Description of Vulnerability Secunia Research has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a design error in the security restrictions on subclasses of QTObject, the QuickTime for Java base class. The error allows a user-defined class that appears to be part of the "quicktime" package to subclass any non-final QTObject derived class and access unsafe protected member functions, resulting in arbitrary memory access. Successful exploitation allows execution of arbitrary code on Windows and OS X systems when a user visits a malicious web site using a Java-enabled browser. ====================================================================== 5) Solution Install Security Update (QuickTime 7.1.6). ====================================================================== 6) Time Table 07/05/2007 - Vulnerability discovered. 08/05/2007 - Vendor notified. 09/05/2007 - Vendor response. 30/05/2007 - Public disclosure. ====================================================================== 7) Credits Discovered by Dyon Balding, Secunia Research. ====================================================================== 8) References The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2007-2388 for the vulnerability. ====================================================================== 9) About Secunia Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration: http://corporate.secunia.com/ Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security. http://secunia.com/ Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general: http://corporate.secunia.com/secunia_research/33/ Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions: http://secunia.com/secunia_vacancies/ Secunia offers a FREE mailing list called Secunia Security Advisories: http://secunia.com/secunia_security_advisories/ ====================================================================== 10) Verification Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2007-52/ Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/ ======================================================================

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	dotProject SQL Injection and Cross-Site Scripting

2.	Novell eDirectory Multiple Vulnerabilities

3.	HP TCP/IP Services for OpenVMS Finger Format String Vulnerability

4.	Blogn Cross-Site Scripting and Cross-Site Request Forgery

5.	Adium MSN SLP Message Integer Overflow Vulnerabilities

6.	phpBB BBcode Script Insertion Vulnerability

7.	phpMyRealty "price_max" SQL Injection Vulnerability

8.	Caudium "configvar" Insecure Temporary Files

9.	GpsDrive "geo-code" Insecure Temporary Files

10.	Sun Solaris Kernel Covert Channel Security Bypass