TippingPoint Digital Vaccine Laboratories

Contact Us

Apple Quicktime Movie Stack Overflow Vulnerability

TPTI-07-20: November 14th, 2007

CVE ID

CVE-2007-4674

Affected Vendors

Apple

Affected Products

Quicktime 7.2

Vulnerability Details

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of a malformed movie atom. Specifying a large size will result in a stack overflow. If exploited, remote code execution can be achieved with the credentials of the logged in user.

Vendor Response

Apple has issued an update to correct this vulnerability. More details can be found at:

http://docs.info.apple.com/article.html?artnum=306896

Disclosure Timeline

2007-10-19 - Vulnerability reported to vendor
2007-11-14 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

Cody Pierce, TippingPoint DVLabs

Published Advisories

TPTI-08-04: Microsoft

• published 2008-05-13

TPTI-08-03: Microsoft

• published 2008-03-11

TPTI-08-02: Cisco

• published 2008-01-16

TPTI-08-01: Apple

• published 2008-01-15

TPTI-07-21: Adobe

• published 2007-12-19

Upcoming Advisories

Microsoft

• reported 2007-11-14

Hewlett-Packard

• reported 2007-07-09

Hewlett-Packard

• reported 2006-10-10

Blog Entries

Line Noise

• 2008-05-16 by Cameron Hotchkies
• (0 Comments)

Owning Kraken Zombies, a Detailed Dissection

• 2008-04-28 by Cody Pierce
• (2 Comments)

Kraken Botnet Infiltration

• 2008-04-28 by Pedram Amini
• (47 Comments)

ToorCon Seattle Redux

• 2008-04-22 by Cameron Hotchkies
• (0 Comments)

PWN to OWN Adobe patch released

• 2008-04-10 by Terri Forslof
• (0 Comments)