BID:31086

Apple QuickTime Movie/PICT/QTVR Multiple Remote Vulnerabilities

Info

Apple QuickTime Movie/PICT/QTVR Multiple Remote Vulnerabilities

Bugtraq ID:	31086
Class:	Unknown
CVE:	CVE-2008-3615 CVE-2008-3635 CVE-2008-3624 CVE-2008-3625 CVE-2008-3614 CVE-2008-3627 CVE-2008-3628
Remote:	Yes
Local:	No
Published:	Sep 09 2008 12:00AM
Updated:	Oct 03 2008 04:28PM
Credit:	Paul Byrne of NGSSoftware, TippingPoint's Zero Day Initiative, Roee Hay of IBM Rational Application Security Research Group, David Wharton, Sergio 'shadown' Alvarez of n.runs AG and iDefense
Vulnerable:	Apple QuickTime Player 7.4.5 + Apple Mac OS X 10.4.9 + Apple Mac OS X 10.3.9 + Apple Mac OS X 10.5 + Apple Mac OS X Server 10.4.9 + Apple Mac OS X Server 10.3.9 + Apple Mac OS X Server 10.5 Apple QuickTime Player 7.4.1 Apple QuickTime Player 7.3.1 .70 Apple QuickTime Player 7.3.1 Apple QuickTime Player 7.1.6 Apple QuickTime Player 7.1.5 Apple QuickTime Player 7.1.4 Apple QuickTime Player 7.1.3 Apple QuickTime Player 7.1.2 Apple QuickTime Player 7.1.1 Apple QuickTime Player 7.0.4 Apple QuickTime Player 7.0.3 Apple QuickTime Player 7.0.2 Apple QuickTime Player 7.0.1 Apple QuickTime Player 7.0 Apple QuickTime Player 7.5 Apple QuickTime Player 7.4 Apple QuickTime Player 7.4 Apple QuickTime Player 7.3 Apple QuickTime Player 7.2 Apple QuickTime Player 7.1 Apple Mac OS X Server 10.5.4 Apple Mac OS X Server 10.5.3 Apple Mac OS X Server 10.5.2 Apple Mac OS X Server 10.5.1 Apple Mac OS X Server 10.4.11 Apple Mac OS X Server 10.4.11 Apple Mac OS X Server 10.4.10 Apple Mac OS X Server 10.4.9 Apple Mac OS X Server 10.4.8 Apple Mac OS X Server 10.4.7 Apple Mac OS X Server 10.4.6 Apple Mac OS X Server 10.4.5 Apple Mac OS X Server 10.4.4 Apple Mac OS X Server 10.4.3 Apple Mac OS X Server 10.4.2 Apple Mac OS X Server 10.4.1 Apple Mac OS X Server 10.4 Apple Mac OS X Server 10.5 Apple Mac OS X 10.5.4 Apple Mac OS X 10.5.3 Apple Mac OS X 10.5.2 Apple Mac OS X 10.5.1 Apple Mac OS X 10.4.11 Apple Mac OS X 10.4.11 Apple Mac OS X 10.4.10 Apple Mac OS X 10.4.9 Apple Mac OS X 10.4.8 Apple Mac OS X 10.4.7 Apple Mac OS X 10.4.6 Apple Mac OS X 10.4.5 Apple Mac OS X 10.4.4 Apple Mac OS X 10.4.3 Apple Mac OS X 10.4.2 Apple Mac OS X 10.4.1 Apple Mac OS X 10.5

Not Vulnerable:	Apple QuickTime Player 7.5.5 + Apple Mac OS X 10.4.9 + Apple Mac OS X 10.3.9 + Apple Mac OS X 10.5 + Apple Mac OS X Server 10.4.9 + Apple Mac OS X Server 10.3.9 + Apple Mac OS X Server 10.5 Apple Mac OS X Server 10.5.5 Apple Mac OS X 10.5.5

Discussion

Apple QuickTime Movie/PICT/QTVR Multiple Remote Vulnerabilities

Apple QuickTime is prone to multiple remote vulnerabilities that may allow remote attackers to execute arbitrary code and carry out denial-of-service attacks.

These issues arise when the application handles specially crafted PICT image files, movies, and QTVR movies. Successful exploits may allow attackers to gain remote unauthorized access in the context of a vulnerable user and to trigger a denial-of-service condition.

Versions prior to QuickTime 7.5.5 are affected.

NOTE: Two issues that were previously covered in this BID were given their own records to better document the details:

- CVE-2008-3626 was moved to BID 31546 ('Apple QuickTime 'STSZ' Atoms Memory Corruption Vulnerability')

- CVE-2008-3629 was moved to BID 31548 ('Apple QuickTime PICT Denial of Service Vulnerability').

Exploit / POC

Apple QuickTime Movie/PICT/QTVR Multiple Remote Vulnerabilities

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Apple QuickTime Movie/PICT/QTVR Multiple Remote Vulnerabilities

Solution:
The vendor has released an advisory and fixes. Please see the references for more information.

Apple Mac OS X Server 10.5