TippingPoint Digital Vaccine Laboratories

Contact Us

Apple Quicktime Image File idsc Atom Memory Corruption Vulnerability

TPTI-08-01: January 15th, 2008

CVE ID

CVE-2008-0033

Affected Vendors

Apple

Affected Products

Quicktime 7.3

Vulnerability Details

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of malformed Image Descriptor (IDSC) atoms. Specifying a malicious atom size can result in an under allocated heap chunk and subsequently an exploitable heap corruption situation.

Vendor Response

Apple has issued an update to correct this vulnerability. More details can be found at:

http://docs.info.apple.com/article.html?artnum=307301

Disclosure Timeline

2007-10-19 - Vulnerability reported to vendor
2008-01-15 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

Cody Pierce, TippingPoint DVLabs

Published Advisories

TPTI-10-01: Hewlett-Packard

• published 2010-01-21

TPTI-09-15: Hewlett-Packard

• published 2009-12-17

TPTI-09-13: Hewlett-Packard

• published 2009-12-09

TPTI-09-12: Hewlett-Packard

• published 2009-12-09

TPTI-09-11: Hewlett-Packard

• published 2009-12-09

Upcoming Advisories

Microsoft

• reported 2009-10-29

Sophos

• reported 2009-04-01

Oracle

• reported 2009-03-13

Blog Entries

Mostrame la Guita!

• 2009-10-29 by Pedram Amini
• (4 Comments)

Ekoparty Wrap Up

• 2009-09-21 by Pedram Amini
• (6 Comments)

IPS Testing Realities

• 2009-09-14 by Rohit Dhamankar
• (0 Comments)

Ekoparty 2009

• 2009-09-08 by Pedram Amini
• (9 Comments)

BlackHat USA 2009 Talk Choices

• 2009-07-26 by Pedram Amini
• (10 Comments)