Vulners
Lucene search
Apple QuickTime - '.mov' Parsing Memory Corruption
| Reporter | Title | Published | Views | Family All 15 |
|---|---|---|---|---|
 | Apple QuickTime - MOV File Parsing Memory Corruption | 19 May 201600:00 | – | zdt |
 | macOS < 10.11.5 Multiple Vulnerabilities | 23 Aug 201600:00 | – | nessus |
| Mac OS X 10.11.x < 10.11.5 Multiple Vulnerabilities | 13 Jul 201600:00 | – | nessus |
| Mac OS X 10.11.x < 10.11.5 Multiple Vulnerabilities | 19 May 201600:00 | – | nessus |
 | About the security content of OS X El Capitan v10.11.5 and Security Update 2016-003 | 16 May 201600:00 | – | apple |
| About the security content of OS X El Capitan v10.11.5 and Security Update 2016-003 - Apple Support | 23 Jan 201703:54 | – | apple |
 | CVE-2016-1848 | 19 May 201600:00 | – | circl |
 | Apple OS X El Capitan QuickTime Denial of Service Vulnerability | 22 May 201600:00 | – | cnvd |
 | CVE-2016-1848 | 20 May 201610:00 | – | cve |
 | CVE-2016-1848 | 20 May 201610:00 | – | cvelist |
10
#####################################################################################
Application: Apple Quicktime
Platforms: OSX
Author: Francis Provencher of COSIG
Website: http://www.protekresearchlab.com/
Twitter: @COSIG_ @protekresearch
CVE-2016-1848
#####################################################################################
1) Introduction
2) Report Timeline
3) Technical details
4) POC
#####################################################################################
===============
1) Introduction
===============
QuickTime is an extensible multimedia framework developed by Apple Inc., capable of handling various formats of digital video, picture, sound, panoramic images, and interactivity. The classic version of QuickTime is available for Windows Vista and later, as well as Mac OS X Leopard and later operating systems. A more recent version, QuickTime X, is currently available on Mac OS X Snow Leopard and newer.
(https://en.wikipedia.org/wiki/QuickTime)
#####################################################################################
============================
2) Report Timeline
============================
2016-03-14: Francis Provencher from COSIG report issue to Apple security team;
2016-03-21: Apple security team confirmed this issue;
2016-05-17: Apple fixed this issue;
https://support.apple.com/en-us/HT206567
#####################################################################################
============================
3) Technical details
============================
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime.
User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of invalid data in the mdat atom. An attacker can use this flaw to read outside the
allocated buffer, which could allow for the execution of arbitrary code in the context of the current process.
#####################################################################################
===========
4) POC
===========
http://protekresearchlab.com/exploits/COSIG-2016-19.mov
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39839.zip
###############################################################################Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
19 May 2016 00:00Current
8High risk
Vulners AI Score8
CVSS 26.8
CVSS 37.8
EPSS0.03338