Secunia Advisory: SA17428

Piotr Bania has reported some vulnerabilities in Apple QuickTime, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user’s system.

1. An integer overflow error exists in the handling of a “Pascal” style string when loading a “.mov” video file. This can result in memory overwrite due to a large memory copy, potentially allowing arbitrary code execution via a specially crafted video file.

2. An integer overflow error exists in the handling of certain movie attributes when loading a “.mov” video file. This can result in memory overwrite due to a large memory copy, potentially allowing arbitrary code execution via a specially crafted video file.
3. A NULL pointer dereferencing error exists when handling certain missing movie attributes from a video file. This may be exploited to crash an application that uses QuickTime when a specially crafted video file is loaded.
4. A boundary error exists in the QuickTime PictureViewer when decompressing PICT data. This may be exploited to cause a memory overwrite, potentially allowing arbitrary code execution via a specially crafted PICT picture file.

The vulnerabilities have been reported in the following versions:

• QuickTime version 6.5.2 and 7.0.1 for Mac OS X.

• QuickTime versions 7.x prior to 7.0.3 for Windows.

Prior versions may also be affected.

Solution: Update to version 7.0.3.

[Continue reading Secunia Advisory SA17428]

[tags]security,quicktime,arbitrary code execution,integer overflow,compromise computer system[/tags]