HTTP Apple QuickTime PictureViewer BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a buffer overflow vulnerability in QuickTime PictureViewer, which may result in remote code execution.

Additional Information

QuickTime Player is the media player distributed by Apple for QuickTime as well as other media files.

Apple QuickTime is prone to a buffer overflow vulnerability. This issue is due to the application's failure to perform proper bounds checking on user-supplied data before copying it to finite-sized process buffers.

This issue occurs when the application handles malformed JPEG and PICT files; other file formats may also be affected.

An attacker may be able to exploit this issue to execute arbitrary machine code in the context of the affected application; this has not been confirmed. Unsuccessful exploitation attempts will most likely result in a crash of the application.

This issue affects QuickTime versions 6.5.2 and 7.0.3; other versions may also be vulnerable. Version 7.0.4 may also be vulnerable, but this has not been confirmed.

This issue may have previously been discussed in BID 16202 (Apple QuickTime Multiple Code Execution Vulnerabilities).

Affected

  • Apple QuickTime Player 6.5.2, 7.0.3, 7.0.4

Response

Download and install the latest vendor patches related to this issue.