Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
|
|
|
|
|
|
|
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
|
|
|
|
Become a Partner and License Our Database or Notification Service
|
|
|
|
|
|
|
|
|
|
|
|
|
Apple QuickTime Buffer Overflows Let Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1025884 |
|
SecurityTracker URL: http://securitytracker.com/id/1025884
|
|
CVE Reference:
CVE-2011-0245, CVE-2011-0246, CVE-2011-0247, CVE-2011-0248, CVE-2011-0249, CVE-2011-0250, CVE-2011-0251, CVE-2011-0252, CVE-2011-0256, CVE-2011-0257
(Links to External Site)
|
Updated: Aug 17 2011
|
Original Entry Date: Aug 3 2011
|
Impact:
Execution of arbitrary code via network, User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): prior to 7.7
|
Description:
Multiple vulnerabilities were reported in QuickTime. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a specially crafted file that, when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the target user.
A specially crafted PICT file can trigger a buffer overflow [CVE-2011-0245]. Mac OS X version 10.7 is not affected. Subreption LLC reported this vulnerability via TippingPoint's Zero Day Initiative.
A specially crafted GIF image can trigger a heap overflow [CVE-2011-0246]. Mac OS X systems are not affected. An anonymous researcher reported this vulnerability via Beyond Security's SecuriTeam Secure Disclosure program.
A specially crafted H.264 movie file can trigger a stack overflow [CVE-2011-0247]. Mac OS X systems are not affected. Roi Mallo and Sherab Giovannini reported this vulnerability via TippingPoint's Zero Day Initiative.
Specially crafted QTL files can trigger a stack overflow in the QuickTime ActiveX control [CVE-2011-0248]. Mac OS X systems are not affected. Chkr_d591 reported this vulnerability via TippingPoint's Zero Day Initiative.
A QuickTime movie with specially crafted STSC atoms can trigger a heap overflow [CVE-2011-0249]. Mac OS X verson 10.7 systems are not affected. Matt 'j00ru' Jurczyk reported this vulnerability via TippingPoint's Zero Day Initiative.
A QuickTime movie with specially crafted STSS atoms can trigger a heap overflow [CVE-2011-0250]. Mac OS X verson 10.7 systems are not affected. Matt 'j00ru' Jurczyk reported this vulnerability via TippingPoint's Zero Day Initiative.
A QuickTime movie with specially crafted STSZ atoms can trigger a heap overflow [CVE-2011-0251]. Mac OS X verson 10.7 systems are not affected. Matt 'j00ru' Jurczyk reported this vulnerability via TippingPoint's Zero Day Initiative.
A QuickTime movie with specially crafted STTS atoms can trigger a heap overflow [CVE-2011-0252]. Mac OS X verson 10.7 systems are not affected. Matt 'j00ru' Jurczyk reported this vulnerability via TippingPoint's Zero Day Initiative.
A specially crafted movie file can trigger an integer overflow [CVE-2011-0256]. Mac OS X version 10.7 systems are not affected. An anonymous researcher reported this vulnerability via TippingPoint's Zero Day Initiative.
A specially crafted PICT file can trigger code execution [CVE-2011-0257]. Mac OS X version 10.7 systems are not affected. Matt 'j00ru' Jurczyk reported this vulnerability via TippingPoint's Zero Day Initiative.
|
Impact:
A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
|
Solution:
The vendor has issued a fix (7.7), available from the Software Update application, or from the QuickTime Downloads site at:
http://www.apple.com/quicktime/download/
For Mac OS X v10.5.8
The download file is named: "QuickTime77Leopard.dmg"
Its SHA-1 digest is: 0deb99cc44015af7c396750d2c9dd4cbd59fb355
For Windows 7 / Vista / XP SP3
The download file is named: "QuickTimeInstaller.exe"
Its SHA-1 digest is: a99f61d67be6a6b42e11d17b0b4f25cd88b74dc9
QuickTime is incorporated into Mac OS X v10.6 and later. QuickTime 7.7 is not presented to systems running Mac OS X v10.6 or later.
The vendor's advisory is available at:
http://support.apple.com/kb/HT4826
|
Vendor URL: support.apple.com/kb/HT4826 (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
UNIX (OS X), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 03 Aug 2011 22:04:57 +0000
Subject: Apple QuickTime
|
APPLE-SA-2011-08-03-1 QuickTime 7.7
QuickTime 7.7 is now available and addresses the following:
QuickTime
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted pict file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in QuickTime's handling of
pict files. Viewing a maliciously crafted pict file may lead to an
unexpected application termination or arbitrary code execution. For
Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8.
This issue does not affect Mac OS X v10.7 systems.
CVE-ID
CVE-2011-0245 : Subreption LLC working with TippingPoint's Zero Day
Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted GIF image may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in QuickTime's handling
of GIF images. Viewing a maliciously crafted GIF image may lead to an
unexpected application termination or arbitrary code execution. This
issue does not affect Mac OS X systems.
CVE-ID
CVE-2011-0246 : an anonymous contributor working with Beyond
Security's SecuriTeam Secure Disclosure program
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted H.264 movie file may lead to
an unexpected application termination or arbitrary code execution
Description: Multiple stack buffer overflows existed in the handling
of H.264 encoded movie files. Viewing a maliciously crafted H.264
movie file may lead to an unexpected application termination or
arbitrary code execution. These issues do not affect Mac OS X
systems.
CVE-ID
CVE-2011-0247 : Roi Mallo and Sherab Giovannini working with
TippingPoint's Zero Day Initiative
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website using Internet
Explorer may lead to an unexpected application termination or
arbitrary code execution
Description: A stack buffer overflow existed in the QuickTime
ActiveX control's handling of QTL files. Visiting a maliciously
crafted website using Internet Explorer may lead to an unexpected
application termination or arbitrary code execution. This issue does
not affect Mac OS X systems.
CVE-ID
CVE-2011-0248 : Chkr_d591 working with TippingPoint's Zero Day
Initiative
QuickTime
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in the handling of STSC
atoms in QuickTime movie files. Viewing a maliciously crafted movie
file may lead to an unexpected application termination or arbitrary
code execution. This issue does not affect Mac OS X v10.7 systems.
CVE-ID
CVE-2011-0249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero
Day Initiative
QuickTime
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in the handling of STSS
atoms in QuickTime movie files. Viewing a maliciously crafted movie
file may lead to an unexpected application termination or arbitrary
code execution. This issue does not affect Mac OS X v10.7 systems.
CVE-ID
CVE-2011-0250 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero
Day Initiative
QuickTime
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in the handling of STSZ
atoms in QuickTime movie files. Viewing a maliciously crafted movie
file may lead to an unexpected application termination or arbitrary
code execution. This issue does not affect Mac OS X v10.7 systems.
CVE-ID
CVE-2011-0251 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero
Day Initiative
QuickTime
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in the handling of STTS
atoms in QuickTime movie files. Viewing a maliciously crafted movie
file may lead to an unexpected application termination or arbitrary
code execution. This issue does not affect Mac OS X v10.7 systems.
CVE-ID
CVE-2011-0252 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero
Day Initiative
|
|
Go to the Top of This SecurityTracker Archive Page
|
