Secunia Advisory: SA31821
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Apple QuickTime 7.x
CVE reference:
CVE-2008-3614
CVE-2008-3615
CVE-2008-3624
CVE-2008-3625
CVE-2008-3626
CVE-2008-3627
CVE-2008-3628
CVE-2008-3629
CVE-2008-3635
Description:
Multiple vulnerabilities have been reported in QuickTime, which can be exploited by malicious people to compromise a user's system.
1) An error in the third-party Indeo5 codec for QuickTime can be exploited to access uninitialised memory via a specially crafted movie file.
2) A boundary error in QuickTimeInternetExtras.qtx when parsing files via the third-party Indeo3.2 codec for QuickTime can be exploited to cause a stack-based buffer overflow via a specially crafted movie file.
3) A boundary error in the parsing of panorama atoms in QTVR (QuickTime Virtual Reality) movie files can be exploited to cause a heap-based buffer overflow via a specially crafted QTVR file.
4) A boundary error in the parsing of panorama PDAT atoms in QTVR (QuickTime Virtual Reality) movie files can be exploited to cause a stack-based buffer overflow via a QTVR file containing specially crafted "maxTilt", "minFieldOfView", and "maxFieldOfView" elements.
5) An integer overflow in the parsing of PICT images can be exploited via a specially crafted PICT image.
6) An error in the CallComponentFunctionWithStorage() function when parsing STSZ atoms in movie files can be exploited to corrupt memory via a movie file containing a overly large entry in sample_size_table.
7) Multiple errors when parsing H.264 encoded movie files (e.g. an integer overflow when parsing AVC1 atoms and two errors when parsing MDAT atoms) can be exploited to corrupt memory via a specially crafted file.
8) An error in the parsing of PICT images can be exploited via a specially crafted PICT image file.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Solution:
Update to version 7.5.5.
Bollettino Sicurezza
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Apple QuickTime 7.x
CVE reference:
CVE-2008-3614
CVE-2008-3615
CVE-2008-3624
CVE-2008-3625
CVE-2008-3626
CVE-2008-3627
CVE-2008-3628
CVE-2008-3629
CVE-2008-3635
Description:
Multiple vulnerabilities have been reported in QuickTime, which can be exploited by malicious people to compromise a user's system.
1) An error in the third-party Indeo5 codec for QuickTime can be exploited to access uninitialised memory via a specially crafted movie file.
2) A boundary error in QuickTimeInternetExtras.qtx when parsing files via the third-party Indeo3.2 codec for QuickTime can be exploited to cause a stack-based buffer overflow via a specially crafted movie file.
3) A boundary error in the parsing of panorama atoms in QTVR (QuickTime Virtual Reality) movie files can be exploited to cause a heap-based buffer overflow via a specially crafted QTVR file.
4) A boundary error in the parsing of panorama PDAT atoms in QTVR (QuickTime Virtual Reality) movie files can be exploited to cause a stack-based buffer overflow via a QTVR file containing specially crafted "maxTilt", "minFieldOfView", and "maxFieldOfView" elements.
5) An integer overflow in the parsing of PICT images can be exploited via a specially crafted PICT image.
6) An error in the CallComponentFunctionWithStorage() function when parsing STSZ atoms in movie files can be exploited to corrupt memory via a movie file containing a overly large entry in sample_size_table.
7) Multiple errors when parsing H.264 encoded movie files (e.g. an integer overflow when parsing AVC1 atoms and two errors when parsing MDAT atoms) can be exploited to corrupt memory via a specially crafted file.
8) An error in the parsing of PICT images can be exploited via a specially crafted PICT image file.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Solution:
Update to version 7.5.5.
Bollettino Sicurezza