Apple QuickTime Multiple Bugs Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1025705
SecurityTracker URL: http://securitytracker.com/id/1025705
CVE Reference:
CVE-2011-0209, CVE-2011-0210, CVE-2011-0211, CVE-2011-0213
Date: Jun 24 2011
Impact:
Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Description:
A vulnerability was reported in QuickTime. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a specially crafted file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
A specially crafted RIFF WAV file can trigger an integer overflow [CVE-2011-0209]. Luigi Auriemma reported this vulnerability via TippingPoint's Zero Day Initiative.
Specially crafted sample tables in a QuickTime movie file can cause code execution [CVE-2011-0210]. Honggang Ren of Fortinet's FortiGuard Labs reported this vulnerability.
A specially crafted movie file can trigger an integer overflow [CVE-2011-0211]. Luigi Auriemma reported this vulnerability via TippingPoint's Zero Day Initiative.
A specially crafted JPEG file can trigger a buffer overflow [CVE-2011-0213]. Luigi Auriemma reported this vulnerability via iDefense.
Impact:
A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:
The vendor has issued a fix as part of Mac OS X v10.6.8 and Security Update 2011-004, available from the Software Update pane in System Preferences, or Apple's Software Downloads web site at:
http://www.apple.com/support/downloads/
The Software Update utility will present the update that applies to your system configuration. Only one is needed, either Security Update 2011-004 or Mac OS X v10.6.8.
For Mac OS X v10.6.7
The download file is named: MacOSXUpd10.6.8.dmg
Its SHA-1 digest is: fee3d708be1cef09185eb9f6bfad1884efb3f0fc
For Mac OS X v10.6 - v10.6.6
The download file is named: MacOSXUpdCombo10.6.8.dmg
Its SHA-1 digest is: 7e22a53b62bf16f44fbba4042606af91888335cf
For Mac OS X Server v10.6.7
The download file is named: MacOSXServerUpd10.6.8.dmg
Its SHA-1 digest is: 34e8d742635d11fe483b2ca63cbd2df4fe6bd42a
For Mac OS X Server v10.6 - v10.6.6
The download file is named: MacOSXServerUpdCombo10.6.8.dmg
Its SHA-1 digest is: 123bebedc91e9483c7e44e671bf27fda34821b1f
For Mac OS X v10.5.8
The download file is named: SecUpd2011-004.dmg
Its SHA-1 digest is: 2d8967d783c08c4d7904c0138f5ea6fb0056a2f0
For Mac OS X Server v10.5.8
The download file is named: SecUpdSrvr2011-004.dmg
Its SHA-1 digest is: 9fe192900feb5808307aa0329f1d0df430f536f6
The vendor's advisory is available at:
http://support.apple.com/kb/HT4723
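To confirm that a downloaded update image is the one Apple published, the following shell helper, added here as an example and not part of the SecurityTracker or Apple advisory, computes a file's SHA-1 and compares it with the digests listed above. The function names (sha1_of, expected_sha1, verify_digest, verify_download) are the example's own; it assumes that sha1sum, shasum or openssl is on the PATH.

```shell
#!/bin/sh
# Added example, not part of the SecurityTracker or Apple advisory text:
# verify a downloaded update image against the SHA-1 digest published above.

# Print the hex SHA-1 of file $1, using whichever digest tool the host has.
sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum "$1" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 1 "$1" | awk '{print $1}'
    else
        openssl dgst -sha1 "$1" | awk '{print $NF}'
    fi
}

# Expected digests, copied from the advisory, keyed by download file name.
expected_sha1() {
    case "$1" in
        MacOSXUpd10.6.8.dmg)            echo fee3d708be1cef09185eb9f6bfad1884efb3f0fc ;;
        MacOSXUpdCombo10.6.8.dmg)       echo 7e22a53b62bf16f44fbba4042606af91888335cf ;;
        MacOSXServerUpd10.6.8.dmg)      echo 34e8d742635d11fe483b2ca63cbd2df4fe6bd42a ;;
        MacOSXServerUpdCombo10.6.8.dmg) echo 123bebedc91e9483c7e44e671bf27fda34821b1f ;;
        SecUpd2011-004.dmg)             echo 2d8967d783c08c4d7904c0138f5ea6fb0056a2f0 ;;
        SecUpdSrvr2011-004.dmg)         echo 9fe192900feb5808307aa0329f1d0df430f536f6 ;;
        *) return 1 ;;
    esac
}

# Compare file $1 against digest $2. Returns 0 on match, 1 otherwise.
# Hex case is ignored; a missing file is a failure, never a match.
verify_digest() {
    [ -f "$1" ] || { echo "missing file: $1" >&2; return 1; }
    actual=$(sha1_of "$1" | tr 'A-F' 'a-f')
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if [ "$actual" = "$expected" ]; then
        echo "OK   $1"
        return 0
    fi
    echo "FAIL $1: expected $expected, got $actual" >&2
    return 1
}

# Look up the published digest for the image's file name, then verify it.
# A file name that has no published digest is rejected rather than skipped.
verify_download() {
    name=$(basename "$1")
    expected=$(expected_sha1 "$name") || { echo "no published digest for $name" >&2; return 1; }
    verify_digest "$1" "$expected"
}

# Usage: verify_download ~/Downloads/MacOSXUpdCombo10.6.8.dmg
```

The digest only ties the file to this advisory, so it is worth as much as the channel the advisory itself came from; fetch the digests from Apple's own advisory page rather than from a mirror, and treat any mismatch as a reason to discard the image and download again rather than to install it.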
Vendor URL: support.apple.com/kb/HT4723
Cause:
Boundary error (integer overflow, buffer overflow, memory corruption)
Underlying OS:
UNIX (OS X)
Source Message Contents
Date: Fri, 24 Jun 2011 01:22:04 +0000
Subject: Apple QuickTime
QuickTime
Available for: Mac OS X v10.6 through v10.6.7,
Mac OS X Server v10.6 through v10.6.7
Impact: Viewing a maliciously crafted WAV file may lead to an
unexpected application termination or arbitrary code execution
Description: An integer overflow existed in QuickTime's handling of
RIFF WAV files. Viewing a maliciously crafted WAV file may lead to an
unexpected application termination or arbitrary code execution.
CVE-ID
CVE-2011-0209 : Luigi Auriemma working with TippingPoint's Zero Day
Initiative

QuickTime
Available for: Mac OS X v10.6 through v10.6.7,
Mac OS X Server v10.6 through v10.6.7
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in QuickTime's
handling of sample tables in QuickTime movie files. Viewing a
maliciously crafted movie file may lead to an unexpected application
termination or arbitrary code execution.
CVE-ID
CVE-2011-0210 : Honggang Ren of Fortinet's FortiGuard Labs

QuickTime
Available for: Mac OS X v10.6 through v10.6.7,
Mac OS X Server v10.6 through v10.6.7
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: An integer overflow existed in QuickTime's handling of
movie files. Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution.
CVE-ID
CVE-2011-0211 : Luigi Auriemma working with TippingPoint's Zero Day
Initiative

QuickTime
Available for: Mac OS X v10.6 through v10.6.7,
Mac OS X Server v10.6 through v10.6.7
Impact: Viewing a maliciously crafted JPEG file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in QuickTime's handling of
JPEG files. Viewing a maliciously crafted JPEG file may lead to an
unexpected application termination or arbitrary code execution.
CVE-ID
CVE-2011-0213 : Luigi Auriemma working with iDefense