English
Log in
Search
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

HomeDescriptionsSA51226

Apple QuickTime Multiple Vulnerabilities


Secunia ID

SA51226
CVE-ID

CVE-2011-1374, CVE-2012-3751, CVE-2012-3752, CVE-2012-3753, CVE-2012-3754, CVE-2012-3755, CVE-2012-3756, CVE-2012-3757, CVE-2012-3758
Release Date

08 Nov 2012
Last Change

19 Dec 2012
Criticality

Highly Critical
Solution Status

Vendor Patch
Software

Apple QuickTime 7.x
Where

From remote
Impact
System access

This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
Description

Multiple vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.

1) A boundary error when processing a PICT file can be exploited to cause a buffer overflow.

2) An error when processing a PICT file can be exploited to corrupt memory.

3) A use-after-free error exists in the plugin when handling "_qtactivex_" parameters within an HTML object.

4) A boundary error when handling the transform attribute of "text3GTrack" elements can be exploited to cause a buffer overflow via a specially crafted TeXML file.

5) Some errors when processing TeXML files can be exploited to cause a buffer overflows.

6) A boundary error when handling certain MIME types within a plugin can be exploited to cause a buffer overflow.

7) A use-after-free error exists in the ActiveX control when handling "Clear()" method.

8) A boundary error when processing a Targa file can be exploited to cause a buffer overflow.

9) A boundary error when processing the "rnet" box within MP4 files can be exploited to cause a buffer overflow.

The vulnerabilities are reported in versions prior to 7.7.3.
Solution

Update to version 7.7.3.
Reported by

2) Jeremy Brown, Microsoft

The vendor credits:
1) Mark Yason, IBM X-Force
3, 7) chkr_d591 via iDefense VCP
4) Alexander Gavrun via ZDI
5) Arezou Hosseinzad-Amirkhizi, Vulnerability Research Team, TELUS Security Labs
6) Pavel Polischouk, Vulnerability Research Team, TELUS Security Labs
8) Senator of Pirates
9) Kevin Szkudlapski, QuarksLab
Original Advisory

Apple:
http://support.apple.com/kb/HT5581

Microsoft:
http://technet.microsoft.com/en-us/security/msvr/msvr12-021

© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.

kaspersky.com

Products

eStore

Threats

Downloads

Support

Partners

About Us

Search

securelist.com

Threats

Analysis

Blog

Descriptions

Glossary

RSS feeds

Contacts

Search