Secunia Advisory: SA25130
Release Date: 2007-05-30
Critical: Highly critical
Impact: Exposure of sensitive information
System access
Where: From remote
Solution Status: Vendor Patch
Software: Apple QuickTime 7.x
CVE reference: CVE-2007-2388 (Secunia mirror)
CVE-2007-2389 (Secunia mirror)
Description:
Two vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to gain knowledge of potentially sensitive information or compromise a user's system.
1) A design error in the security restrictions on subclasses of QTObject can be exploited by untrusted Java code to allow subclassing of QuickTime objects that call unsafe functions from QTJava.dll resulting in reading and writing of arbitrary memory.
Successful exploitation allows execution of arbitrary code on Windows and OS X systems when a user visits a malicious web site using a Java-enabled browser.
2) A design error within the handling of Java applets can be exploited to read the browser's memory when a user visits a malicious website containing a malicious Java applet.
Secunia has constructed the Secunia Software Inspector, which you can use to check if your system is vulnerable:
http://secunia.com/software_inspector/
Solution:
Install Security Update (QuickTime 7.1.6).
Bollettino Secunia
Release Date: 2007-05-30
Critical: Highly critical
Impact: Exposure of sensitive information
System access
Where: From remote
Solution Status: Vendor Patch
Software: Apple QuickTime 7.x
CVE reference: CVE-2007-2388 (Secunia mirror)
CVE-2007-2389 (Secunia mirror)
Description:
Two vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to gain knowledge of potentially sensitive information or compromise a user's system.
1) A design error in the security restrictions on subclasses of QTObject can be exploited by untrusted Java code to allow subclassing of QuickTime objects that call unsafe functions from QTJava.dll resulting in reading and writing of arbitrary memory.
Successful exploitation allows execution of arbitrary code on Windows and OS X systems when a user visits a malicious web site using a Java-enabled browser.
2) A design error within the handling of Java applets can be exploited to read the browser's memory when a user visits a malicious website containing a malicious Java applet.
Secunia has constructed the Secunia Software Inspector, which you can use to check if your system is vulnerable:
http://secunia.com/software_inspector/
Solution:
Install Security Update (QuickTime 7.1.6).
Bollettino Secunia