|
|
>> Apple QuickTime Multiple Remote Buffer and Integer Overflow Vulnerabilities
|
Twelve vulnerabilities have been identified in Apple QuickTime, which could be exploited by remote attackers to take complete control of an affected system.
The first issue is due to an integer overflow error when processing malformed JPEG images, which could be exploited by remote attackers to execute arbitrary commands via a malicious web page.
The second flaw is due to an integer overflow error when handling malformed QuickTime movies, which could be exploited by remote attackers to execute arbitrary commands via a malicious web page.
The third vulnerability is due to a buffer overflow error when processing malformed QuickTime movies, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
The fourth flaw is due to a buffer overflow error when processing malformed Flash movies, which could be exploited by remote attackers to execute arbitrary commands via a malicious web page.
The fifth problem is due to an integer overflow error when handling malformed H.264 movies, which could be exploited by remote attackers to execute arbitrary commands via a malicious web page.
The sixth vulnerability is due to a buffer overflow error when processing malformed H.264 movies, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
The seventh flaw is due to a buffer overflow error when handling malformed MPEG4 movies, which could be exploited by remote attackers to compromise a vulnerable system by convincing a user to visit a malicious web page.
The eighth problem is due to an integer overflow error when displaying malformed FlashPix images, which could be exploited by remote attackers to execute arbitrary commands via a specially crafted web page.
The ninth flaw is due to a buffer overflow error when handling malformed AVI movies, which could be exploited by remote attackers to compromise a vulnerable system by convincing a user to visit a malicious web page.
The tenth issue is due to a stack overflow error in QuickDraw when processing PICT images with malformed font information, which could be exploited by malicious web sites to compromise a vulnerable system.
The eleventh flaw is due to a heap overflow error in QuickDraw when processing malformed PICT images, which could be exploited by malicious web sites to compromise a vulnerable system.
The twelfth vulnerability is due to a buffer overflow error in the "ReadBMP()" function when handling malformed BMP images, which could be exploited by remote attackers to compromise a vulnerable system by convincing a user to visit a malicious web page. For additional information, see : VUPEN/ADV-2006-1452
Affected Products
Apple QuickTime versions prior to 7.1 (Mac OS X and Windows)
Solution
Upgrade to Apple QuickTime version 7.1 :
http://www.apple.com/support/downloads/quicktime71.html
References
http://www.vupen.com/english/advisories/2006/1778
http://docs.info.apple.com/article.html?artnum=303752
Credits
Vulnerabilities reported by Mike Price (McAfee AVERT Labs), eEye Digital Security, ATmaCA and Zero Day Initiative.
ChangeLog
2006-05-11 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
