CVE-2005-3713
CVSS7.5
发布时间 :2005-12-31 00:00:00
修订时间 :2011-10-18 00:00:00
NMCOPS    

[原文]Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block.


[CNNVD]Apple QuickTime畸形GIF堆溢出漏洞(CNNVD-200512-862)

        Apple QuickTime Player是QuickTime软件包的一个组件,可提供高质量声音和图象的媒体播放功能。
        Quicktime在处理GIF文件时存在漏洞,成功利用这个漏洞的攻击者可以远程执行任意代码。
        Quicktime在处理GIF文件的Netscape Navigator应用扩展块时没有执行正确的边界检查,未经检查堆大小便分配的内存,可能在Picture Modifier块中覆盖堆。
        计算块大小的代码如下:
        .text:66A339CC mov ax, [esi+0Ch]
        .text:66A339D0 xor ecx, ecx
        .text:66A339D2 mov [esp+34h+var_28], ecx
        .text:66A339D6 mov [esp+34h+var_24], ecx
        .text:66A339DA mov [esp+34h+var_20], ecx
        .text:66A339DE mov [esp+34h+var_1C], ecx
        .text:66A339E2 mov word ptr [esp+34h+var_10], cx
        .text:66A339E7 mov [esp+34h+arg_4], eax
        .text:66A339EB movsx eax, ax
        .text:66A339EE mov word ptr [esp+34h+var_10+2], cx
        .text:66A339F3 mov cx, [esi+8]
        .text:66A339F7 movsx edx, cx
        .text:66A339FA sub eax, edx
        .text:66A339FC movsx edx, word ptr [esi+6]
        .text:66A33A00 add eax, 3Eh
        .text:66A33A03 push edi
        .text:66A33A04 movsx edi, word ptr [esi+0Ah]
        .text:66A33A08 sar eax, 3
        .text:66A33A0B lea ebx, [esi+6]
        .text:66A33A0E and eax, 0FFFFFFFCh
        .text:66A33A11 sub edi, edx
        .text:66A33A13 movsx edx, ax
        .text:66A33A16 mov [esi+4], ax
        .text:66A33A1A imul edi, edx
        分配代码是:
        .text:66A33A68 push edi
        .text:66A33A69 call sub_668B5B30
        在处理内存数据时会使用真实的解码数据覆盖内存,但没有检查堆的大小。写入代码函数部分如下(sub_66AE0A70):
        .text:66AE0B18 movsx edx, word ptr [edi+12h] ; default
        .text:66AE0B1C imul edx, [edi+0Ch]
        .text:66AE0B20 mov ecx, [edi+4]
        .text:66AE0B23 inc word ptr [edi+16h]
        .text:66AE0B27 mov eax, [esp+arg_0]
        .text:66AE0B2B add edx, ecx
        .text:66AE0B2D mov [eax], edx
        .text:66AE0B2F mov eax, [ebp+10h]
        .text:66AE0B32 test eax, eax
        .text:66AE0B34 jz short loc_66AE0B62
        .text:66AE0B36 mov ax, [ebp+1Ch]
        .text:66AE0B3A mov edx, [ebp+0Ch]
        .text:66AE0B3D movzx cx, ah
        .text:66AE0B41 mov ch, al
        .text:66AE0B43 mov [edx], cx
        .text:66AE0B46 movsx eax, word ptr [edi+12h]
        .text:66AE0B4A imul eax, [ebp+14h]
        .text:66AE0B4E add eax, [ebp+10h]
        .text:66AE0B51 mov cx, [ebp+18h]
        .text:66AE0B55 mov [ebp+0Ch], eax
        .text:66AE0B58 mov [ebp+1Ah], cx
        .text:66AE0B5C mov word ptr [ebp+1Ch], 0

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-119 [内存缓冲区边界内操作的限制不恰当]

- CPE (受影响的平台与产品)

cpe:/a:apple:quicktime:7.0.2Apple Quicktime 7.0.2
cpe:/a:apple:quicktime:7.0.1Apple Quicktime 7.0.1
cpe:/a:apple:quicktime:7.0Apple Quicktime 7.0
cpe:/a:apple:quicktime:7.0.3Apple Quicktime 7.0.3

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3713
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200512-862
(官方数据源) CNNVD

- 其它链接及资源

http://www.us-cert.gov/cas/techalerts/TA06-011A.html
(UNKNOWN)  CERT  TA06-011A
http://www.kb.cert.org/vuls/id/913449
(UNKNOWN)  CERT-VN  VU#913449
http://www.securityfocus.com/bid/16202
(PATCH)  BID  16202
http://secunia.com/advisories/18370
(VENDOR_ADVISORY)  SECUNIA  18370
http://docs.info.apple.com/article.html?artnum=303101
(PATCH)  APPLE  APPLE-SA-2006-01-10
http://xforce.iss.net/xforce/xfdb/24060
(UNKNOWN)  XF  quicktime-gif-bo(24060)
http://www.vupen.com/english/advisories/2006/0128
(VENDOR_ADVISORY)  VUPEN  ADV-2006-0128
http://www.securityfocus.com/archive/1/archive/1/421561/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060111 [EEYEB-20051031] Apple QuickTime Malformed GIF Heap Overflow
http://www.securityfocus.com/archive/1/archive/1/421547/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060111 Updated Advisories - Incorrect CVE Information
http://www.osvdb.org/22338
(UNKNOWN)  OSVDB  22338
http://www.eeye.com/html/research/advisories/AD20060111d.html
(UNKNOWN)  MISC  http://www.eeye.com/html/research/advisories/AD20060111d.html
http://securitytracker.com/id?1015466
(UNKNOWN)  SECTRACK  1015466
http://securityreason.com/securityalert/333
(UNKNOWN)  SREASON  333
http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0402.html
(UNKNOWN)  FULLDISC  20060111 Updated Advisories - Incorrect CVE Information
http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0401.html
(UNKNOWN)  FULLDISC  20060111 [EEYEB-20051031] Apple QuickTime Malformed GIF Heap Overflow

- 漏洞信息

Apple QuickTime畸形GIF堆溢出漏洞
高危 缓冲区溢出
2005-12-31 00:00:00 2006-05-24 00:00:00
远程  
        Apple QuickTime Player是QuickTime软件包的一个组件,可提供高质量声音和图象的媒体播放功能。
        Quicktime在处理GIF文件时存在漏洞,成功利用这个漏洞的攻击者可以远程执行任意代码。
        Quicktime在处理GIF文件的Netscape Navigator应用扩展块时没有执行正确的边界检查,未经检查堆大小便分配的内存,可能在Picture Modifier块中覆盖堆。
        计算块大小的代码如下:
        .text:66A339CC mov ax, [esi+0Ch]
        .text:66A339D0 xor ecx, ecx
        .text:66A339D2 mov [esp+34h+var_28], ecx
        .text:66A339D6 mov [esp+34h+var_24], ecx
        .text:66A339DA mov [esp+34h+var_20], ecx
        .text:66A339DE mov [esp+34h+var_1C], ecx
        .text:66A339E2 mov word ptr [esp+34h+var_10], cx
        .text:66A339E7 mov [esp+34h+arg_4], eax
        .text:66A339EB movsx eax, ax
        .text:66A339EE mov word ptr [esp+34h+var_10+2], cx
        .text:66A339F3 mov cx, [esi+8]
        .text:66A339F7 movsx edx, cx
        .text:66A339FA sub eax, edx
        .text:66A339FC movsx edx, word ptr [esi+6]
        .text:66A33A00 add eax, 3Eh
        .text:66A33A03 push edi
        .text:66A33A04 movsx edi, word ptr [esi+0Ah]
        .text:66A33A08 sar eax, 3
        .text:66A33A0B lea ebx, [esi+6]
        .text:66A33A0E and eax, 0FFFFFFFCh
        .text:66A33A11 sub edi, edx
        .text:66A33A13 movsx edx, ax
        .text:66A33A16 mov [esi+4], ax
        .text:66A33A1A imul edi, edx
        分配代码是:
        .text:66A33A68 push edi
        .text:66A33A69 call sub_668B5B30
        在处理内存数据时会使用真实的解码数据覆盖内存,但没有检查堆的大小。写入代码函数部分如下(sub_66AE0A70):
        .text:66AE0B18 movsx edx, word ptr [edi+12h] ; default
        .text:66AE0B1C imul edx, [edi+0Ch]
        .text:66AE0B20 mov ecx, [edi+4]
        .text:66AE0B23 inc word ptr [edi+16h]
        .text:66AE0B27 mov eax, [esp+arg_0]
        .text:66AE0B2B add edx, ecx
        .text:66AE0B2D mov [eax], edx
        .text:66AE0B2F mov eax, [ebp+10h]
        .text:66AE0B32 test eax, eax
        .text:66AE0B34 jz short loc_66AE0B62
        .text:66AE0B36 mov ax, [ebp+1Ch]
        .text:66AE0B3A mov edx, [ebp+0Ch]
        .text:66AE0B3D movzx cx, ah
        .text:66AE0B41 mov ch, al
        .text:66AE0B43 mov [edx], cx
        .text:66AE0B46 movsx eax, word ptr [edi+12h]
        .text:66AE0B4A imul eax, [ebp+14h]
        .text:66AE0B4E add eax, [ebp+10h]
        .text:66AE0B51 mov cx, [ebp+18h]
        .text:66AE0B55 mov [ebp+0Ch], eax
        .text:66AE0B58 mov [ebp+1Ah], cx
        .text:66AE0B5C mov word ptr [ebp+1Ch], 0

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        http://www.apple.com/quicktime/

- 漏洞信息 (F43062)

Technical Cyber Security Alert 2006-11A (PacketStormID:F43062)
2006-01-15 00:00:00
US-CERT  us-cert.gov
advisory,denial of service,arbitrary,vulnerability
apple
CVE-2005-4092,CVE-2005-3707,CVE-2005-3710,CVE-2005-3713,CVE-2005-2340
[点击下载]

Technical Cyber Security Alert TA06-011A - Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

   
                        National Cyber Alert System

                 Technical Cyber Security Alert TA06-011A


Apple QuickTime Vulnerabilities

   Original release date: January 11, 2006
   Last revised: January 11, 2006
   Source: US-CERT

Systems Affected

   Apple QuickTime on systems running

     * Apple Mac OS X
     * Microsoft Windows XP
     * Microsoft Windows 2000


Overview

   Apple has released QuickTime 7.0.4 to correct multiple
   vulnerabilities. The impacts of these vulnerabilities include
   execution of arbitrary code and denial of service.


I. Description

   Apple QuickTime 7.0.4 resolves a number of image and media file
   handling vulnerabilities. Further details are available in the
   following Vulnerability Notes:

   VU#629845 - Apple QuickTime image handling buffer overflow

   Apple QuickTime contains a heap overflow vulnerability that may allow
   an attacker to execute arbitrary code or cause a denial-of-service
   condition.
   (CAN-2005-2340)

   VU#921193 - Apple QuickTime fails to properly handle corrupt media
   files

   Apple QuickTime contains a heap overflow vulnerability in the handling
   of media files. This vulnerability may allow a remote, unauthenticated
   attacker to execute arbitrary code or cause a denial of service on a
   vulnerable system.
   (CAN-2005-4092)

   VU#115729 - Apple QuickTime fails to properly handle corrupt TGA
   images

   A flaw in the way Apple QuickTime handles Targa (TGA) image format
   files could allow a remote attacker to execute arbitrary code on a
   vulnerable system.
   (CAN-2005-3707)

   VU#150753 - Apple QuickTime fails to properly handle corrupt TIFF
   images

   Apple QuickTime contains an integer overflow vulnerability in the
   handling of TIFF images. This vulnerability may allow a remote,
   unauthenticated attacker to execute arbitrary code or cause a denial
   of service on a vulnerable system.
   (CAN-2005-3710)

   VU#913449 - Apple QuickTime fails to properly handle corrupt GIF
   images

   A flaw in the way Apple QuickTime handles Graphics Interchange Format
   (GIF) files could allow a remote attacker to execute arbitrary code on
   a vulnerable system.
   (CAN-2005-3713)


II. Impact

   The impacts of these vulnerabilities vary. For information about
   specific impacts, please see the Vulnerability Notes. Potential
   consequences include remote execution of arbitrary code or commands
   and denial of service.


III. Solution

Upgrade

   Upgrade to QuickTime 7.0.4.


Appendix A. References

     * US-CERT Vulnerability Note VU#629845 -
       <http://www.kb.cert.org/vuls/id/629845>

     * US-CERT Vulnerability Note VU#921193 -
       <http://www.kb.cert.org/vuls/id/921193>

     * US-CERT Vulnerability Note VU#115729 -
       <http://www.kb.cert.org/vuls/id/115729>

     * US-CERT Vulnerability Note VU#150753 -
       <http://www.kb.cert.org/vuls/id/150753>

     * US-CERT Vulnerability Note VU#913449 -
       <http://www.kb.cert.org/vuls/id/913449>

     * CVE-2005-2340 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340>

     * CVE-2005-4092 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092>

     * CVE-2005-3707 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707>

     * CVE-2005-3710 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710>

     * CVE-2005-3713 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713>

     * Security Content for QuickTime 7.0.4 -
       <http://docs.info.apple.com/article.html?artnum=303101>

     * QuickTime 7.0.4 -
       <http://www.apple.com/support/downloads/quicktime704.html>

     * About the Mac OS X 10.4.4 Update (Delta) -
       <http://docs.info.apple.com/article.html?artnum=302810>


 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA06-011A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the
   subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 ____________________________________________________________________

   Produced 2006 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________



Revision History

   January 11, 2006: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj
34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey
AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/
HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL
osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy
0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw==
=5Kiq
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F43060)

EEYEB-20051031.txt (PacketStormID:F43060)
2006-01-15 00:00:00
Fang Xing  eeye.com
advisory,web,overflow,arbitrary,activex
apple
CVE-2005-3713
[点击下载]

eEye Security Advisory - eEye Digital Security has discovered a critical heap overflow in the Apple Quicktime player that allows for the execution of arbitrary code via a maliciously crafted GIF file. This flaw has proven to allow for reliable control of data on the heap chunk and can be exploited via a web site by using ActiveX controls.

EEYEB-20051031 Apple QuickTime Malformed GIF Heap Overflow

Release Date:
January 10, 2006

Date Reported:
October 31, 2005

Severity:
High (Code Execution)

Patch Development Time (In Days):
71 Days

Severity:
High (Code Execution)

Vendor:
Apple


Systems Affected:
Quicktime on Windows 2000
Quicktime on Windows XP
Quicktime on Mac OS X 10.3.9

Apple iTunes on Windows 2000
Apple iTunes on Windows XP
Apple iTunes on OS X 10.3.9


Overview:
eEye Digital Security has discovered a critical heap overflow in the Apple Quicktime player that allows for the execution of arbitrary code via a maliciously crafted GIF file.

This flaw has proven to allow for reliable control of data on the heap chunk and can be exploited via a web site by using ActiveX controls.

Technical Details:
When Quicktime processes the Netscape Navigator Application Extension Block of a gif file, it does not perform proper bounds checking, so it will allocate memory without checking the heap size. The heap can be overwritten in the Picture Modifier block.  
The block size calculate code such as:
.text:66A339CC                 mov     ax, [esi+0Ch]
.text:66A339D0                 xor     ecx, ecx
.text:66A339D2                 mov     [esp+34h+var_28], ecx
.text:66A339D6                 mov     [esp+34h+var_24], ecx
.text:66A339DA                 mov     [esp+34h+var_20], ecx
.text:66A339DE                 mov     [esp+34h+var_1C], ecx
.text:66A339E2                 mov     word ptr [esp+34h+var_10], cx
.text:66A339E7                 mov     [esp+34h+arg_4], eax
.text:66A339EB                 movsx   eax, ax
.text:66A339EE                 mov     word ptr [esp+34h+var_10+2], cx
.text:66A339F3                 mov     cx, [esi+8]
.text:66A339F7                 movsx   edx, cx
.text:66A339FA                 sub     eax, edx
.text:66A339FC                 movsx   edx, word ptr [esi+6]
.text:66A33A00                 add     eax, 3Eh
.text:66A33A03                 push    edi
.text:66A33A04                 movsx   edi, word ptr [esi+0Ah]
.text:66A33A08                 sar     eax, 3
.text:66A33A0B                 lea     ebx, [esi+6]
.text:66A33A0E                 and     eax, 0FFFFFFFCh
.text:66A33A11                 sub     edi, edx
.text:66A33A13                 movsx   edx, ax
.text:66A33A16                 mov     [esi+4], ax
.text:66A33A1A                 imul    edi, edx

The allocate code is :
.text:66A33A68                 push    edi
.text:66A33A69                 call    sub_668B5B30


But when it real process data to this memory, it use real decode data to write this memory 
but didn    

- 漏洞信息 (F43057)

EEYEB-20051229.txt (PacketStormID:F43057)
2006-01-15 00:00:00
Fang Xing  eeye.com
advisory,web,overflow,activex
CVE-2005-3713
[点击下载]

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in QuickTime Player. There is a stack overflow in the way QuickTime processes qtif format files. An attacker can create a qtif file and send it to the user via email, web page, or qtif file with activex and can directy overflow a function pointer immediately used so it can bypass any stack overflow protection in systems such as xp sp2 and 2003 sp1.

EEYEB-20051229 Apple QuickTime QTIF Stack Overflow

Release Date:
January 10, 2006

Date Reported:
December 29, 2005

Patch Development Time (In Days):
12 days    

Severity:
High (Code Execution)

Vendor:
Apple

Systems Affected:
Quicktime on Windows 2000
Quicktime on Windows XP
Quicktime on Mac OS X 10.3.9


Overview:
eEye Digital Security has discovered a critical vulnerability in
QuickTime Player. There is a stack overflow in the way QuickTime
processes qtif format files. An attacker can create a qtif file and send
it to the user via email, web page, or qtif file with activex and can
directy overflow a function pointer immediately used so it can bypass
any stack overflow protection in systems such as xp sp2 and 2003 sp1.

Technical Details:
When Quicktime processes the data field of a qtif format file, it will
copy it to the stack by a byte to a byte , but there is no proper
checking, so it will cause a stack overflow in memory. And in this
stack, there is a function pointer which will be used immediately when
it pre byte copies, so we can use it to bypass any stack overflow
protection, such in xp sp2 and 2003 sp1.

The origin function point value is 0x44332211.  We only need to overflow
it to : 0x08332211, ensuring it didn't cause a crash before the 0x44 has
been overflowed to 0x08.  When it overflows to 0x08332211, we can
execute code to 0x08332211, and can first use javascript to get this
memory and set my code in it.

call    [esp+138h+arg_4] <- call a function point in the stack, but this
point can be overflowed


References
QuickTime: QuickTime File Format
http://developer.apple.com/documentation/QuickTime/QTFF/index.html

Protection:
Retina Network Security Scanner has been updated to identify this
vulnerability.

Vendor Status:
Apple has released a patch for this vulnerability. The patch is
available via the Updates section of the affected applications.
This vulnerability has been assigned the CVE identifier CVE-2005-2340.

Credit:
Discovery: Fang Xing

Greetings:
Thanks to all the guys at eEye, and especially Karl Lynn's help.

Copyright (c) 1998-2006 eEye Digital Security
Permission is hereby granted for the redistribution of this alert
electronically. It is not to be edited in any way without express
consent of eEye. If you wish to reprint the whole or any part of this
alert in any other medium excluding electronic medium, please email
alert@eEye.com for permission.

Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are no warranties, implied or express, with regard to this information.
In no event shall the author be liable for any direct or indirect
damages whatsoever arising out of or in connection with the use or
spread of this information. Any use of this information is at the user's
own risk.
    

- 漏洞信息

22338
Apple QuickTime GIF Image Netscape Navigator Application Extension Block Overflow
Remote / Network Access Input Manipulation
Loss of Integrity
Vendor Verified

- 漏洞描述

A remote overflow exists in Apple Quicktime. A remote attacker can create a specially crafted GIF image that when viewed results in a heap overflow. With such an image, an attacker can cause the execution of arbitrary code on a user's system.

- 时间线

2006-01-11 Unknow
Unknow 2006-01-11

- 解决方案

Upgrade to version 7.0.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

Apple QuickTime GIF Image Processing Remote Heap Overflow Vulnerability
Boundary Condition Error 16864
Yes No
2006-01-10 12:00:00 2008-05-01 06:56:00
Fang Xing

- 受影响的程序版本

Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.0
Apple QuickTime Player 7.0.4

- 不受影响的程序版本

Apple QuickTime Player 7.0.4

- 漏洞讨论

QuickTime is prone to a remote heap-based overflow vulnerability.

This issue presents itself when the application processes a specially crafted GIF image file.

A successful attack can result in a remote compromise.

Versions prior to QuickTime 7.0.4 are vulnerable.

NOTE: This issue was previously discussed in BID 16202 (Apple QuickTime Multiple Code Execution Vulnerabilities), but has been assigned its own record to better document the vulnerability.

- 漏洞利用

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

Apple has released advisory APPLE-SA-2006-01-10 including QuickTime 7.0.4 to address this issue. Please see the referenced advisory for more information.


Apple QuickTime Player 7.0.3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站