Apple QuickTime Movie File CTAB Handling Overflow

2007-11-05T20:18:22
ID OSVDB:38544
Type osvdb
Reporter Ruben Santamarta(advisories@reversemode.com), Mario Ballano Bárcena(mballano@gmail.com)
Modified 2007-11-05T20:18:22

Description

Vulnerability Description

A remote overflow exists in Apple QuickTime Player. The media player fails to provide adequate bounds checking on the color table atom contained in a movie resulting in a heap-based overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of confidentiality, integrity, and/or availability.

Solution Description

Upgrade to version 7.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in Apple QuickTime Player. The media player fails to provide adequate bounds checking on the color table atom contained in a movie resulting in a heap-based overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of confidentiality, integrity, and/or availability.

References:

Vendor Specific Advisory URL US-CERT Cyber Security Alert: TA07-310A Security Tracker: 1018894 Secunia Advisory ID:27523 Related OSVDB ID: 38545 Related OSVDB ID: 38550 Related OSVDB ID: 38546 Related OSVDB ID: 38548 Related OSVDB ID: 38549 Related OSVDB ID: 38547 Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-07-065.html Mail List Post: http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-11/0074.html ISS X-Force ID: 38283 FrSIRT Advisory: ADV-2007-3723 CVE-2007-4677 Bugtraq ID: 26338