Exploit for QuickTime vulnerability in circulation
by Stephen Withers   
Tuesday, 27 November 2007
A proof of concept exploit for a recently discovered QuickTime vulnerability has been released.

The underlying problem is a stack buffer overflow that can be triggered by a maliciously crafted RTSP stream, resulting in a crash or the execution of arbitrary code.

Symantec suggests the most likely attacks using this vulnerability will come via email using attachments that will open RTSP connections despite appearing to be media files, or through the web, using embedded QuickTime streaming objects.

The company says the proof of concept is a successful web attack when received by Firefox, which passes the RTSP requests to QuickTime Player.  Internet Explorer and Safari use a plug-in to handle QuickTime items, and the exploit triggers their overflow protection mechanisms. Symantec suggests this shortcoming might be overcome with more effort.

The proof of concept only targets QuickTime 7.2 and 7.3 (the latter released earlier this month) for Windows XP and Vista, and it does not seem to have been established whether the Mac OS X versions share the vulnerability.

Until Apple releases a patch, suggested mitigations include disassociating the RTSP MIME type from QuickTime, blocking RTSP traffic at the firewall, and disabling QuickTime ActiveX controls in Internet Explorer.

The Windows version of QuickTime is installed alongside iTunes, and is therefore found on a significant number of Windows-based PCs.

A related vulnerability was disclosed during the Month of Apple Bugs.

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional.