April 3rd, 2008

Apple patches 11 QuickTime flaws

Posted by Larry Dignan @ 10:49 am

Categories: Apple, Exploit code, Patch Watch, Vulnerability research

Tags: Java Applet, Apple QuickTime, Java, Movie, Apple Inc., Applet, Flaw, CVE-2008-1014, Movie File, CVE-2008-1015

Apple pushed out the latest version of QuickTime and patched 11 vulnerabilities in its third security update of 2008.

Late Wednesday, Apple pushed the update, which covers QuickTime on all platforms. Unless noted otherwise, the flaws below affect QuickTime on Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista and Windows XP SP2. Among the key patches:

CVE-2008-1013 fixes a flaw that lets an untrusted Java applet gain the privileges of the current user. Apple says:

An implementation issue in QuickTime for Java allows untrusted Java applets to deserialize objects provided by QTJava. Visiting a web page containing a maliciously crafted Java applet could allow the disclosure of sensitive information, or arbitrary code execution with the privileges of the current user. This update addresses the issue by disabling the ability of untrusted Java applets to deserialize QTJava objects.

CVE-2008-1014 addresses an information disclosure issue that occurs when a user downloads a movie. Apple says:

Specially crafted QuickTime movies can automatically open external URLs, which may lead to information disclosure. This update addresses the issue through improved handling of external URLs embedded in movie files.

CVE-2008-1015 addresses another movie file issue. A maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution, says Apple, adding “an issue in QuickTime’s handling of data reference atoms may result in a buffer overflow.”
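Apple describes the data reference atom bug only as a buffer overflow and publishes no further detail. The C below is added here as an illustration and is not Apple's code: it shows the pattern such a bug usually follows in an atom parser and the three checks that close it. Every QuickTime atom starts with a big-endian 32-bit size and a four-character type, and a 'dref' entry carries its own size field, so a length taken from the file must be bounded by its own header length, by the bytes left in the enclosing atom, and by the destination buffer. The 'dref' layout used (atom header, version and flags, entry count, entries with their own headers) is the documented one; REF_CAP, the function names and the sample atoms are constructed for this example and do not reproduce the actual flaw.

```c
/*
 * Added example, not Apple's code: parsing a QuickTime 'dref' (data reference)
 * atom with the length checks that a file-controlled size field needs.
 */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ATOM_HDR   8                      /* 4-byte size + 4-byte type */
#define DREF_FIXED (ATOM_HDR + 4 + 4)     /* header + version/flags + entry count */
#define REF_CAP    64                     /* hypothetical fixed-size copy target */

/* QuickTime atom fields are big-endian. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16)
         | ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Vulnerable pattern, for contrast only: the entry's own size field decides
 * how many bytes are copied into a fixed-size buffer. A size below 8 wraps
 * `payload` to a huge value; a size above REF_CAP + 8 overruns `out`. */
size_t copy_entry_unchecked(const uint8_t *entry, uint8_t out[REF_CAP]) {
    uint32_t entry_size = be32(entry);
    size_t payload = entry_size - ATOM_HDR;   /* wraps if entry_size < 8 */
    memcpy(out, entry + ATOM_HDR, payload);   /* overflows out if payload > REF_CAP */
    return payload;
}

/* Hardened walk over every entry. Returns the number of entries validated, or
 * -1 at the first size that is smaller than its own header, larger than the
 * bytes left in the enclosing atom, or larger than the copy target. */
int walk_dref(const uint8_t *buf, size_t len, uint8_t out[REF_CAP]) {
    if (len < DREF_FIXED) return -1;                       /* truncated input */
    uint32_t atom_size = be32(buf);
    if (memcmp(buf + 4, "dref", 4) != 0) return -1;
    if (atom_size < DREF_FIXED || atom_size > len) return -1;  /* container bound */
    uint32_t count = be32(buf + ATOM_HDR + 4);
    size_t off = DREF_FIXED;
    uint32_t i;
    for (i = 0; i < count; i++) {
        if (atom_size - off < ATOM_HDR) return -1;        /* no room for a header */
        uint32_t entry_size = be32(buf + off);
        if (entry_size < ATOM_HDR) return -1;             /* would wrap below zero */
        if (entry_size > atom_size - off) return -1;      /* escapes the container */
        size_t payload = entry_size - ATOM_HDR;
        if (payload > REF_CAP) return -1;                 /* exceeds the buffer */
        memcpy(out, buf + off + ATOM_HDR, payload);
        off += entry_size;
    }
    return (int)i;
}

/* Constructed sample: a 'dref' holding one 'url ' entry with "a.mov".
 * Entry = 8 (header) + 4 (version/flags) + 6 ("a.mov\0") = 18 bytes; atom = 16 + 18 = 34. */
static const uint8_t good_dref[] = {
    0,0,0,34, 'd','r','e','f',  0,0,0,0,  0,0,0,1,
    0,0,0,18, 'u','r','l',' ',  0,0,0,0,  'a','.','m','o','v',0
};

/* Constructed sample: same atom, entry size field raised to 0x7FFFFFF0. */
static const uint8_t bad_dref[] = {
    0,0,0,34, 'd','r','e','f',  0,0,0,0,  0,0,0,1,
    0x7f,0xff,0xff,0xf0, 'u','r','l',' ',  0,0,0,0,  'a','.','m','o','v',0
};

/* Constructed sample: entry size field lowered to 4, below its own header. */
static const uint8_t short_dref[] = {
    0,0,0,34, 'd','r','e','f',  0,0,0,0,  0,0,0,1,
    0,0,0,4,  'u','r','l',' ',  0,0,0,0,  'a','.','m','o','v',0
};

static uint8_t scratch[REF_CAP];

int main(void) {
    printf("well-formed atom:  %d entries\n", walk_dref(good_dref, sizeof good_dref, scratch));
    printf("oversized entry:   %d\n", walk_dref(bad_dref, sizeof bad_dref, scratch));
    printf("undersized entry:  %d\n", walk_dref(short_dref, sizeof short_dref, scratch));
    printf("truncated file:    %d\n", walk_dref(good_dref, 20, scratch));
    return 0;
}
```

The unchecked copy behaves identically on the well-formed sample, which is why this class of bug survives functional testing; only the crafted size fields separate the two functions, and a fuzzer that mutates length fields finds them quickly.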

CVE-2008-1016, CVE-2008-1017 and CVE-2008-1018 address further movie file flaws in which viewing a maliciously crafted movie may lead to an unexpected application termination or arbitrary code execution.

CVE-2008-1019 addresses “a maliciously crafted PICT image file (that) may lead to an unexpected application termination or arbitrary code execution.” CVE-2008-1020 and CVE-2008-1023 address PICT image file flaws that affect only Vista and XP SP2.

CVE-2008-1021 fixes another movie file flaw that can lead to an unexpected application termination or arbitrary code execution. Only Vista and XP SP2 are affected.

CVE-2008-1022 addresses a QuickTime VR movie flaw. “Viewing a maliciously crafted QuickTime VR movie file may lead to an unexpected application termination or arbitrary code execution,” says Apple.

Larry Dignan is Editor in Chief of ZDNet and Editorial Director of ZDNet sister site TechRepublic.

Talkback (13)
Holy Cow.
Why aren't there more blogs on how poorly written Apple software is?

Posters and most bloggers on here spend more than their share of time bashing Vista, when after a year there was only ar...
Posted by: xuniL_z | 04/07/08
  • Great, means they'll beg me to download iTunes again...  PB_z | 04/03/08
  • I'm taking Quicktime off  tonymcs@... | 04/03/08
  • Yeah because...  Stuka | 04/04/08
  • I Think (Hope?) He Has VLC in Mind as an Alternative  drprodny | 04/04/08
  • WMV?  tikigawd | 04/07/08
  • Also  tikigawd | 04/07/08
  • You don't need Quicktime  tikigawd | 04/07/08
  • Steve says they're not flaws  marksashton | 04/03/08
  • RE: Apple patches 11 QuickTime flaws  Boot_Agnostic | 04/04/08
  • RE: Apple patches 11 QuickTime flaws  Max_in_OH | 04/04/08
  • RE: Apple patches 11 QuickTime flaws  toma@... | 04/04/08
  • Here's something better than quicktime  rebelxhardcore | 04/06/08
  • Holy Cow.  xuniL_z | 04/07/08
