
June 1st, 2009

Apple plugs gaping QuickTime security holes

Posted by Ryan Naraine @ 1:37 pm

Categories: Apple, Arbitrary Code Execution, Botnets, Browsers, Data theft, Denial of Service (DoS), Exploit code, Malware, Patch Watch, Pen testing, Viruses and Worms, Vulnerability research, Windows Vista

Tags: Security, Apple QuickTime, Movie, Apple Inc., Arbitrary Code Execution, Buffer-overflow, Application Termination, Digital Music, Digital Media, Personal Technology

Apple today released QuickTime 7.6.2 with fixes for a variety of security vulnerabilities, some of which could lead to arbitrary code execution attacks.

The update, available for Mac OS X, Windows XP and Windows Vista, covers a total of 10 documented vulnerabilities that could be exploited via booby-trapped movie, video, image and audio files.

Here are the details:

  • CVE-2009-0188: A memory corruption issue exists in QuickTime’s handling of Sorenson 3 video files. This may lead to an unexpected application termination or arbitrary code execution.
  • CVE-2009-0951: A heap buffer overflow exists in the handling of FLC compression files. Opening a maliciously crafted FLC compression file may lead to an unexpected application termination or arbitrary code execution.
  • CVE-2009-0952: A buffer overflow may occur while processing a compressed PSD image. Opening a maliciously crafted compressed PSD file may lead to an unexpected application termination or arbitrary code execution.
  • CVE-2009-0010: An integer underflow in QuickTime’s handling of PICT may result in a heap buffer overflow. Opening a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution.
  • CVE-2009-0953: A heap buffer overflow exists in QuickTime’s handling of PICT images. Opening a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution.
  • CVE-2009-0954: A heap buffer overflow exists in QuickTime’s handling of Clipping Region (CRGN) atom types in a movie file. Opening a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.
  • CVE-2009-0185: A heap buffer overflow exists in the handling of MS ADPCM encoded audio data. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.
  • CVE-2009-0955: A sign extension issue exists in QuickTime’s handling of image description atoms. Opening a maliciously crafted Apple video file may lead to an unexpected application termination or arbitrary code execution.
  • CVE-2009-0956: An uninitialized memory access issue exists in QuickTime’s handling of movie files. Viewing a movie file with a zero user data atom size may lead to an unexpected application termination or arbitrary code execution.
  • CVE-2009-0957: A heap buffer overflow exists in QuickTime’s handling of JP2 images. Viewing a maliciously crafted JP2 image may lead to an unexpected application termination or arbitrary code execution.
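
Several of these entries (integer underflow, sign extension, a zero atom size) are length-handling bugs in size-prefixed containers. As an added illustration that is not Apple's code and not part of the original post, the sketch below walks QuickTime-style atoms (4-byte big-endian size that includes the 8-byte header, then a 4-byte type) and rejects any size it cannot trust. The function names and sample bytes are constructed; the container's special size values 0 and 1 are simply rejected in this simplified walker.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ATOM_HDR 8u /* 4-byte big-endian size + 4-byte type */

/* Read a 32-bit big-endian value through unsigned bytes: no sign extension. */
static uint32_t be32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Walk sibling atoms in buf[0..len). Returns the number of well-formed atoms,
 * or -1 as soon as one declares a size that cannot be trusted. */
int count_atoms(const unsigned char *buf, size_t len) {
    size_t off = 0;
    int n = 0;
    while (off < len) {
        size_t remaining = len - off;
        if (remaining < ATOM_HDR)
            return -1;                 /* truncated header */
        uint32_t size = be32(buf + off);
        /* size counts the header, so anything below 8 (including 0) would
         * make "size - 8" wrap to a huge unsigned payload length. */
        if (size < ATOM_HDR)
            return -1;
        if (size > remaining)
            return -1;                 /* payload would run past the buffer */
        off += size;                   /* cannot overflow: size <= remaining */
        n++;
    }
    return n;
}

/* Constructed sample inputs (not taken from any real file). */
static const unsigned char good[] = {0,0,0,12,'u','d','t','a',1,2,3,4,
                                     0,0,0,8,'f','r','e','e'};
static const unsigned char zero_size[] = {0,0,0,0,'u','d','t','a'};
static const unsigned char tiny_size[] = {0,0,0,4,'c','r','g','n'};
static const unsigned char high_bit[] = {0x80,0,0,8,'s','t','s','d'};

int main(void) {
    printf("good=%d zero=%d tiny=%d high=%d\n",
           count_atoms(good, sizeof good), count_atoms(zero_size, sizeof zero_size),
           count_atoms(tiny_size, sizeof tiny_size), count_atoms(high_bit, sizeof high_bit));
    return 0;
}
```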

The update is available via the Software Update utility (Mac OS X) and Apple’s Windows Automatic Software Update tool (Windows). Alternatively, QuickTime 7.6.2 may be obtained from the QuickTime Downloads site.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.



