|
|
|
|
| |
Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=620
|
| |
Vulnerable Systems:
* QuickTime VR extension version 7.2.0.240 as included in QuickTime Player version 7.2
Immune Systems:
* QuickTime Player version 7.3
The vulnerability specifically exists in QuickTime Player's handling of Panorama Sample atoms in QuickTime Virtual Reality movie. When processing panorama sample atoms, the size field in the atom header is not validated. QuickTime will copy the specified amount of memory to a fixed-size heap buffer, causing heap corruption.
Analysis:
Exploitation could allow attackers to execute arbitrary code in the context of the current user. To exploit this vulnerability, an attacker must persuade a user into using QuickTime to open a specially crafted QuickTime movie file. This could be accomplished by persuading the user to click a direct link to a malicious VR movie file. Additionally, this vulnerability could be exploited within a malicious web page.
Workaround:
Disabling the QuickTime plug-in for browsers can mitigate Web page attack vectors. To do this, uncheck the "Play movies automatically" setting within the QuickTime preferences Browser->Playback tab.
Vendor response:
Apple has released QuickTime 7.3 which resolves this issue. More information is available via Apple's QuickTime Security Update page at the URL shown below: http://docs.info.apple.com/article.html?artnum=306896
CVE Information:
CVE-2007-4675
|
|
|
|
|
