Category:   Application (Multimedia)  >   Apple QuickTime
Vendors:   Apple
Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1024729
SecurityTracker URL:  http://securitytracker.com/id/1024729
CVE Reference:   CVE-2010-3787, CVE-2010-3788, CVE-2010-3789, CVE-2010-3790, CVE-2010-3791, CVE-2010-3792, CVE-2010-3793, CVE-2010-3794, CVE-2010-3795
Date:  Nov 11 2010
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   Multiple vulnerabilities were reported in QuickTime. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted image or movie file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

A specially crafted JP2 image can trigger a heap overflow [CVE-2010-3787]. Nils of MWR InfoSecurity reported this vulnerability.

A specially crafted JP2 image can trigger a memory access error [CVE-2010-3788]. Damian Put and Procyun reported this vulnerability via TippingPoint's Zero Day Initiative.

A specially crafted AVI file can trigger a memory corruption error [CVE-2010-3789]. Damian Put reported this vulnerability via TippingPoint's Zero Day Initiative.

A specially crafted movie file can trigger a memory corruption error [CVE-2010-3790]. Honggang Ren of Fortinet's FortiGuard Labs reported this vulnerability.

A specially crafted movie file can trigger a buffer overflow [CVE-2010-3791]. An anonymous researcher reported this vulnerability via TippingPoint's Zero Day Initiative.

A specially crafted MPEG encoded movie file can trigger a signedness error [CVE-2010-3792]. An anonymous researcher reported this vulnerability via TippingPoint's Zero Day Initiative.

A specially crafted Sorenson encoded movie file can trigger a memory corruption error [CVE-2010-3793]. Carsten Eiram of Secunia Research and also an anonymous researcher (via TippingPoint's Zero Day Initiative) separately reported this vulnerability.

A specially crafted FlashPix image can trigger a memory access error [CVE-2010-3794]. An anonymous researcher reported this vulnerability via TippingPoint's Zero Day Initiative.

A specially crafted GIF image can trigger an uninitialized memory access error [CVE-2010-3795]. An anonymous researcher reported this vulnerability via TippingPoint's Zero Day Initiative.

Impact:   A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   Apple has issued a fix as part of Mac OS X v10.6.5 and Security Update 2010-007, available from the Software Update pane in System Preferences, or Apple's Software Downloads web site at:

http://www.apple.com/support/downloads/

The Software Update utility will present the update that applies
to your system configuration. Only one is needed, either
Security Update 2010-007 or Mac OS X v10.6.5.

For Mac OS X v10.6.4
The download file is named: MacOSXUpd10.6.5.dmg
Its SHA-1 digest is: ccd856d0672394fd80c6873a8f43c6739708b44f

For Mac OS X v10.6 - v10.6.3
The download file is named: MacOSXUpdCombo10.6.5.dmg
Its SHA-1 digest is: add336a1af1c3914887d2217fbbc98b18e6fb57c

For Mac OS X Server v10.6.4
The download file is named: MacOSXServerUpd10.6.5.dmg
Its SHA-1 digest is: fc1158e9e526e387cd37d6ecea76ae1ecc284eeb

For Mac OS X Server v10.6 - v10.6.3
The download file is named: MacOSXServUpdCombo10.6.5.dmg
Its SHA-1 digest is: 1317084400ea9b11f44d30cf3723ce991346b360

The vendor's advisory is available at:

http://support.apple.com/kb/HT4435

Vendor URL:  support.apple.com/kb/HT4435
Cause:   Access control error, Boundary error
Underlying OS:  UNIX (macOS/OS X)
Underlying OS Comments:  OS X 10.6 through 10.6.4

Message History:   This archive entry has one or more follow-up message(s) listed below.
Dec 7 2010 (Apple Issues Fix) Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code
Apple has issued a fix for QuickTime for Windows and for OS X 10.5.8.


