Apple QuickTime Unspecified Heap Overflow May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1015356|
SecurityTracker URL: http://securitytracker.com/id/1015356
(Links to External Site)
Date: Dec 14 2005
Execution of arbitrary code via network, User access via network|
A vulnerability was reported in Apple QuickTime. A remote user may be able to execute arbitrary code on the target system.|
A user can trigger a heap overflow in the player and potentially execute arbitrary code on the target system. No details were provided pending vendor resolution.
iTunes 6.0.1 is also affected.
The vendor has been notified.
badpack3t of Security-Protocols.com reported this vulnerability.
The original advisory is available at:
A remote user may be able to cause arbitrary code to be executed on the target user's system.|
No solution was available at the time of this entry.|
Vendor URL: www.apple.com/ (Links to External Site)
|Underlying OS: UNIX (macOS/OS X), Windows (Any)|
Source Message Contents
Subject: Apple QuickTime/iTunes Heap Overflow Vulnerability|
>From the "Upcoming Release: Apple Quicktime/iTunes Heap Overflow" report:
"A heap overflow vulnerability exists within Apple Quicktime 7.0.3 and
iTunes 6.0.1 on OS X and Win32. The vulnerability allows an attacker to
reliably overwrite heap memory with arbitrary data in order to execute
arbitrary code on a targeted host. This has been tested on OS X and
Win32. I have reported this issue to Apple. I will publish more details
once Apple has released a patch for this issue. Just a side note, this
was published from my local Apple store. ;-) Here is a screenshot if you
QuickTime error report in Windows XP from Security-protocols.com:
Reportedly problem in QuickTime is in quicktimeplayer.exe executable.
The vulnerability has been reported in Apple Quicktime 7.0.3 and iTunes
6.0.1 on OS X and Microsoft Windows.
Apple Mac OS X
Apple Computer, Inc.
Product Home Pages:
Reportedly no updated versions available from the vendor.
Reportedly vendor was contacted on December 2nd, 2005 or earlier.
CVE information: N/A
This vulnerability is researched by Tom Ferris (aka badpack3t).
I have no any connections to Security-Protocols.com or Mr. Ferris.
Juha-Matti Laurio, Networksecurity.fi