Buffer overflow in Quicktime
A Dutch reader, G. Smit, gave us a heads up about a remotely exploitable vulnerability in Quicktime which can be exploited by malformed .mov files.
There is some information available at Offensive-security blog, in Dutch at security.nl, Fortiguard also shows the vulnerability. Securityfocus has also updated Bugtraq 32540.
Although neither Fortiguard or Securityfocus show the latest version of Quicktime, 7.6.5, as being vulnerable, we are getting reports that the exploit crashes 7.6.5.
-- Rick Wanner - rwanner at isc dot sans dot org
Keywords: quicktime vulnerability
2 comment(s)
×
Diary Archives
Comments
MRoutt
Jan 17th 2010
1 decade ago
iTunes crashes and submits the information to Microsoft.
QuickTime closes without any errors or anything (I had to watch it in TaskManager to confirm that it even opened).
WMP shows a black screen (I'm assuming this is because there is no actual movie to be seen).
Have a great day:)
Patrick
(I downloaded the POC Test Package from the exploits-db site and extracted it. Then I went into the "Windows" folder and tried the movie in there.)
PatrickD.
Jan 17th 2010
1 decade ago