Secunia Advisory: SA20069 Print Advisory
Release Date: 2006-05-12
Critical: Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch
Software:
Apple Quicktime 4.x
Apple Quicktime 5.x
Apple Quicktime 6.x
Apple QuickTime 7.x
Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.
CVE reference: CVE-2006-1249
CVE-2006-1453
CVE-2006-1454
CVE-2006-1458
CVE-2006-1459
CVE-2006-1460
CVE-2006-1461
CVE-2006-1462
CVE-2006-1463
CVE-2006-1464
CVE-2006-1465
CVE-2006-2238
Description:
Multiple vulnerabilities have been reported in QuickTime, which can be exploited by malicious people to compromise a user's system.
1) An integer overflow error within the processing of JPEG images can be exploited via a specially crafted JPEG image to crash the application and potentially execute arbitrary code.
2) An integer overflow and boundary error within the processing of QuickTime movies can be exploited via a specially crafted QuickTime movie to crash the application and potentially execute arbitrary code.
3) A boundary error within the processing of Flash movies can be exploited via a specially crafted Flash movie to crash the application and potentially execute arbitrary code.
4) An integer overflow and boundary error within the processing of H.264 movies can be exploited via a specially crafted H.264 movie to crash the application and potentially execute arbitrary code.
5) A boundary error within the processing of MPEG4 movies can be exploited via a specially crafted MPEG4 movie to crash the application and potentially execute arbitrary code.
6) An integer overflow error within the processing of FlashPix images (".fpx") can be exploited via a specially crafted FlashPix image with an overly large value in the field specifying the number of data blocks in the file. This can be exploited to cause a heap-based buffer overflow and allows execution of arbitrary code.
7) A boundary error within the processing of AVI movies can be exploited via a specially crafted AVI movie to crash the application and potentially execute arbitrary code.
8) Two boundary errors within the processing of PICT images can be exploited to either cause a stack-based buffer overflow via a PICT image with specially crafted font information or a heap-based buffer overflow via a PICT image with specially crafted image data. This can be exploited to crash the application and potentially execute arbitrary code.
9) A boundary error within the processing of BMP images can be exploited via a specially crafted BMP image to crash the application and potentially execute arbitrary code.
Solution:
Update to version 7.1.
http://www.apple.com/support/downloads/quicktime71.html
Bollettino Secunia
Release Date: 2006-05-12
Critical: Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch
Software:
Apple Quicktime 4.x
Apple Quicktime 5.x
Apple Quicktime 6.x
Apple QuickTime 7.x
Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.
CVE reference: CVE-2006-1249
CVE-2006-1453
CVE-2006-1454
CVE-2006-1458
CVE-2006-1459
CVE-2006-1460
CVE-2006-1461
CVE-2006-1462
CVE-2006-1463
CVE-2006-1464
CVE-2006-1465
CVE-2006-2238
Description:
Multiple vulnerabilities have been reported in QuickTime, which can be exploited by malicious people to compromise a user's system.
1) An integer overflow error within the processing of JPEG images can be exploited via a specially crafted JPEG image to crash the application and potentially execute arbitrary code.
2) An integer overflow and boundary error within the processing of QuickTime movies can be exploited via a specially crafted QuickTime movie to crash the application and potentially execute arbitrary code.
3) A boundary error within the processing of Flash movies can be exploited via a specially crafted Flash movie to crash the application and potentially execute arbitrary code.
4) An integer overflow and boundary error within the processing of H.264 movies can be exploited via a specially crafted H.264 movie to crash the application and potentially execute arbitrary code.
5) A boundary error within the processing of MPEG4 movies can be exploited via a specially crafted MPEG4 movie to crash the application and potentially execute arbitrary code.
6) An integer overflow error within the processing of FlashPix images (".fpx") can be exploited via a specially crafted FlashPix image with an overly large value in the field specifying the number of data blocks in the file. This can be exploited to cause a heap-based buffer overflow and allows execution of arbitrary code.
7) A boundary error within the processing of AVI movies can be exploited via a specially crafted AVI movie to crash the application and potentially execute arbitrary code.
8) Two boundary errors within the processing of PICT images can be exploited to either cause a stack-based buffer overflow via a PICT image with specially crafted font information or a heap-based buffer overflow via a PICT image with specially crafted image data. This can be exploited to crash the application and potentially execute arbitrary code.
9) A boundary error within the processing of BMP images can be exploited via a specially crafted BMP image to crash the application and potentially execute arbitrary code.
Solution:
Update to version 7.1.
http://www.apple.com/support/downloads/quicktime71.html
Bollettino Secunia