Apple QuickTime Player heap buffer overflow
| quicktime-heap-bo (16026) |  High Risk |
Description:
Apple's QuickTime Player is vulnerable to a heap overflow, caused by a vulnerability in the QuickTime.qts file. By creating a .mov (movie) file containing a Sample-to-Chunk atom with specially-crafted fields, a remote attacker could overwrite heap memory and execute arbitrary code on the system, once the file is processed.
Consequences:
Gain Access
Remedy:
Apply the appropriate patch for your system, available from the Apple Web site. See References.
References:
- Apple Computer, Inc.Web site: Apple.
- Apple Computer, Inc.Web site: QuickTime: QuickTime File Format.
- CIAC Information Bulletin O-135: Apple QuickTime Integer Overflow.
- CIAC Information Bulletin O-138: Apple Mac OS X Jaguar and Panther Security Vulnerabilities.
- eEye Security Advisory AD20040502: Apple QuickTime (QuickTime.qts) Heap Overflow.
- BID-10257: Apple QuickTime Sample-to-Chunk Integer Overflow Vulnerability
- CVE-2004-0431: Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large number of entries field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow.
- US-CERT VU#782958: Apple QuickTime contains an integer overflow in the QuickTime.qts extension
Platforms Affected:
- Apple QuickTime 6.0
- Apple QuickTime 6.1
- Apple QuickTime 6.5
Reported:
May 02, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net