MoAB maintains pressure on Apple

Stephen Withers
Wednesday, 24 January 2007 12:01

Your IT - Home IT

The Month of Apple Bugs project is maintaining its recent focus on software actually emanating from the Cupertino-based company with the disclosure of a flaw in QuickDraw, the venerable graphics toolbox that dates back to the earliest days of the Macintosh.

The flaw relates to the way PICT images are decoded, and it is significant because programs commonly use QuickTime to display such images, and QuickTime calls upon QuickDraw when presented with a PICT images. PICT was introduced in 1984 as the standard metafile format for Mac software, and it caters for vector and bitmapped objects.

MoAB's LMH has discovered that a malformed PICT image can be used to corrupt the contents of memory, potentially allowing the execution of arbitrary code although that "can't be stated as [a] currently viable condition."

The danger is that users could be induced to open a malicious web page that includes a PICT file containing the exploit.

This exploit is reminiscent of previous vulnerabilities found in software used by Windows and Mac OS X to display other graphics formats including TIFF and BMP.

The suggested workaround is to "Use RCdefaultApp to disable any file and MIME type associations related with PICT files", thus preventing a browser or other application from automatically opening PICT files. RCDefaultApp is a free utility from Rubicode.