CERT-In Advisory CIAD-2008-04
Apple QuickTime Multiple File Processing Code Execution Vulnerabilities

Original issue date: January 24, 2008

Severity Rating: High

Systems Affected

•  Apple QuickTime 7.x

Overview

Multiple vulnerabilities have been reported in the way Apple QuickTime processes Sorenson 3 video files, Macintosh Resource embedded files, Image Descriptor (IDSC) atoms and compressed PICT image files. They could be exploited by an attacker to take complete control of the vulnerable system.

Description

Sorenson 3 video files vulnerability (CVE-2008-0031)

Sorenson Video 3 is a video codec that gives better video quality at less than half of the bit rate, and delivers twice the compression speed, and three times the speed when using Variable Bit Rate (VBR) compression.

This vulnerability is caused by an error in the handling of Sorenson 3 video files in Apple QuickTime. An attacker could exploit this vulnerability via a specially crafted Sorenson 3 video file. Successful exploitation corrupts system memory and allows the attacker to execute arbitrary code.

Macintosh resource embedded files vulnerability (CVE-2008-0032)

The Macintosh resource file (“RSC” or “RSRC”) format can contain several icons. Axialis IconWorkshop supports reading RSC files with several icons but can write only RSC files with one icon.

This vulnerability is caused by an error while processing Macintosh Resources embedded in QuickTime movie files in Apple QuickTime. An attacker could exploit this vulnerability via a specially crafted QuickTime file with excessively long values in the resource header. Successful exploitation corrupts system memory, causing a stack buffer overflow, and allows the attacker to execute arbitrary code.

Image Descriptor (IDSC) atoms vulnerability (CVE-2008-0033)

The image description atom contains a QuickTime image description describing the JPEG image's size, resolution, depth, and so on, and the image data atom contains the actual JPEG compressed data.

This vulnerability is caused by an error while processing Image Descriptor (IDSC) atoms in Apple QuickTime. An attacker could exploit this vulnerability via a specially crafted movie file with Image Descriptor atoms containing an invalid atom size. Successful exploitation corrupts system memory, causing a buffer overflow, and allows the attacker to execute arbitrary code.
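The C routine below is an added illustration, not part of the CERT-In advisory and not Apple's code. It shows the defensive check a parser needs before trusting a declared atom size, which is the class of flaw described above. It assumes the standard QuickTime atom header layout (32-bit big-endian size followed by a four-character type, with size 1 meaning a 64-bit size follows and size 0 meaning the atom runs to the end of the data); the function name and sample buffers are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Read an n-byte big-endian integer. */
static uint64_t be_read(const uint8_t *p, int n) {
    uint64_t v = 0;
    while (n--) v = (v << 8) | *p++;
    return v;
}

/* Walk the atoms in buf[0..len). Returns how many have type `want`,
 * or -1 as soon as a declared size disagrees with the bytes present. */
int count_valid_atoms(const uint8_t *buf, size_t len, const char *want) {
    size_t off = 0;
    int found = 0;
    while (off < len) {
        size_t left = len - off, hdr = 8;        /* 4-byte size + 4-byte type */
        if (left < hdr) return -1;               /* truncated header */
        uint64_t size = be_read(buf + off, 4);
        if (size == 1) {                         /* 64-bit size follows the type */
            hdr = 16;
            if (left < hdr) return -1;
            size = be_read(buf + off + 8, 8);
        } else if (size == 0) {                  /* atom extends to end of data */
            size = left;
        }
        /* size < hdr would underflow "size - hdr"; size > left would read
         * or copy past the end of the buffer. Reject both before any use. */
        if (size < hdr || size > left) return -1;
        if (memcmp(buf + off + 4, want, 4) == 0) found++;
        off += (size_t)size;
    }
    return found;
}

/* Constructed sample inputs, not taken from any real file. */
static const uint8_t SAMPLE_OK[] = {0,0,0,12,'i','d','s','c',1,2,3,4, 0,0,0,8,'i','d','a','t'};
static const uint8_t SAMPLE_OVERSIZE[] = {0,0,0x10,0,'i','d','s','c',1,2,3,4};
static const uint8_t SAMPLE_UNDERSIZE[] = {0,0,0,4,'i','d','s','c'};

int main(void) {
    printf("ok=%d oversize=%d undersize=%d\n",
           count_valid_atoms(SAMPLE_OK, sizeof SAMPLE_OK, "idsc"),
           count_valid_atoms(SAMPLE_OVERSIZE, sizeof SAMPLE_OVERSIZE, "idsc"),
           count_valid_atoms(SAMPLE_UNDERSIZE, sizeof SAMPLE_UNDERSIZE, "idsc"));
    return 0;
}
```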

Boundary error in PICT image files (CVE-2008-0036)

A PICT file (.pct) is the default pixel image file format used on the Macintosh. The most common use of the file is for creating file icons and screen captures.

This vulnerability is caused by a boundary error while processing PICT image files in Apple QuickTime. An attacker could exploit this vulnerability via a specially crafted compressed PICT image file. Successful exploitation corrupts system memory, causing a buffer overflow, and allows the attacker to execute arbitrary code.

Solution

Update QuickTime to version 7.4
http://www.apple.com/support/downloads/

Vendor Information

Apple Inc.
http://docs.info.apple.com/article.html?artnum=307301

References

FR-SIRT
http://www.frsirt.com/english/advisories/2008/0148

Secunia
http://secunia.com/advisories/28502

Security Tracker
http://securitytracker.com/alerts/2008/Jan/1019221.html

X-Force
http://xforce.iss.net/xforce/xfdb/39695

Security-Focus
http://www.securityfocus.com/bid/27298
http://www.securityfocus.com/bid/27299
http://www.securityfocus.com/bid/27300
http://www.securityfocus.com/bid/27301

CVE-Name
CVE-2008-0031
CVE-2008-0032
CVE-2008-0033
CVE-2008-0036

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003