ID: 3848
Date: 02/06/2009
Title: 3848 - APPLE-SA-2009-06-01-1 QuickTime 7.6.2
Platform level affected:Operating System
Hardware components affected:Intel PC
Specific operating systems components affected: 32-bit Windows
Net-enabled software: Other
Security software:Other
Other software: Run-time Environment
Remediation Summary:Update your copy of the software with the download available from the supplier.
Vendors affected:Apple
Applications affected:QuickTime
Adversity source: Unknown
Attack Vector: Vulnerability exploitation
Virulence: Unknown
Warning Status: Active
Potential Damage: Remote execution/modification
Possible Duration: Open Ended
Availability of fix: Available
Type of fix: Patch
Source: www.apple.com
Reliability of source: Trusted
Source URL: http://support.apple.com/kb/HT3591
CVE: CVE-2009-0188, CVE-2009-0951, CVE-2009-0952, CVE-2009-0010, CVE-2009-0953, CVE-2009-0954, CVE-2009-0185, VE-2009-0955, CVE-2009-0956, CVE-2009-0957,
Abstract: This document describes the security content of QuickTime 7.6.2, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.
APPLE-SA-2009-06-01-1 QuickTime 7.6.2
QuickTime 7.6.2 is now available and addresses the following:
QuickTime
CVE-ID: CVE-2009-0188
Available for: Mac OS X v10.4.11, Mac OS X v10.5.7, Windows Vista and XP SP3
Impact: Opening a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in QuickTime's handling of Sorenson 3 video files. This may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of Sorenson 3 video files. Credit to Carsten Eiram of Secunia Research for reporting this issue.
QuickTime
CVE-ID: CVE-2009-0951
Available for: Mac OS X v10.4.11, Mac OS X v10.5.7, Windows Vista and XP SP3
Impact: Opening a maliciously crafted FLC compression file may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in the handling of FLC compression files. Opening a maliciously crafted FLC compression file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting this issue.
QuickTime
CVE-ID: CVE-2009-0952
Available for: Mac OS X v10.4.11, Mac OS X v10.5.7, Windows Vista and XP SP3
Impact: Viewing a maliciously crafted PSD image may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow may occur while processing a compressed PSD image. Opening a maliciously crafted compressed PSD file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Damian Put working with TippingPoint's Zero Day Initiative for reporting this issue.
QuickTime
CVE-ID: CVE-2009-0010
Available for: Windows Vista and XP SP3
Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution
Description: An integer underflow in QuickTime's handling of PICT images may result in a heap buffer overflow. Opening a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT images. Credit to Sebastian Apelt working with TippingPoint's Zero Day Initiative, and Chris Ries of Carnegie Mellon University Computing Services for reporting this issue.
QuickTime
CVE-ID: CVE-2009-0953
Available for: Mac OS X v10.4.11, Mac OS X v10.5.7, Windows Vista and XP SP3
Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in QuickTime's handling of PICT images. Opening a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution.
This update addresses the issue by performing additional validation of PICT images. Credit to Sebastian Apelt working with TippingPoint's Zero Day Initiative for reporting this issue.
QuickTime
CVE-ID: CVE-2009-0954
Available for: Windows Vista and XP SP3
Impact: Opening a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in QuickTime's handling of Clipping Region (CRGN) atom types in a movie file. Opening a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect Mac OS X systems. Credit to an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting this issue.
QuickTime
CVE-ID: CVE-2009-0185
Available for: Mac OS X v10.4.11, Mac OS X v10.5.7, Windows Vista and XP SP3
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in the handling of MS ADPCM encoded audio data. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Alin Rad Pop of Secunia Research for reporting this issue.
QuickTime
CVE-ID: CVE-2009-0955
Available for: Mac OS X v10.4.11, Mac OS X v10.5.7, Windows Vista and XP SP3
Impact: Opening a maliciously crafted video file may lead to an unexpected application termination or arbitrary code execution
Description: A sign extension issue exists in QuickTime's handling of image description atoms. Opening a maliciously crafted Apple video file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved validation of description atoms. Credit to Roee Hay of IBM Rational Application Security Research Group for reporting this issue.
QuickTime
CVE-ID: CVE-2009-0956
Available for: Mac OS X v10.4.11, Mac OS X v10.5.7, Windows Vista and XP SP3
Impact: Viewing a movie file with a maliciously crafted user data atom may lead to an unexpected application termination or arbitrary code execution
Description: An uninitialized memory access issue exists in QuickTime's handling of movie files. Viewing a movie file with a zero user data atom size may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of movie files, and presenting a warning dialog to the user. Credit to Lurene Grenier of Sourcefire, Inc. (VRT) for reporting this issue.
QuickTime
CVE-ID: CVE-2009-0957
Available for: Mac OS X v10.4.11, Mac OS X v10.5.7, Windows Vista and XP SP3
Impact: Viewing a maliciously crafted JP2 image may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in QuickTime's handling of JP2 images. Viewing a maliciously crafted JP2 image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Charlie Miller of Independent Security Evaluators, and Damian Put working with TippingPoint's Zero Day Initiative for reporting this issue.
QuickTime 7.6.2 may be obtained from the Software Update application, or from the QuickTime Downloads site:
http://www.apple.com/quicktime/download/
For Mac OS X v10.5.7
The download file is named: "QuickTime762_Leopard.dmg"
Its SHA-1 digest is: 9484ba3e41638935625b7eb338f0b31298f1f973
For Mac OS X v10.4.11
The download file is named: "QuickTime762_Tiger.dmg"
Its SHA-1 digest is: 74b1c170907dc402c6855b37cfe1a3432a10a92f
For Windows Vista / XP SP3
The download file is named: "QuickTimeInstaller.exe"
Its SHA-1 digest is: f8ba0b1ef3cf5a0317ea28b31db71e79c63e48b8
QuickTime with iTunes for Windows 32-bit XP or Vista The download file is named: "iTunesSetup.exe"
Its SHA-1 digest is: 16f5b1e787b36aece842ea5ae80bfc6bf2b32b19
QuickTime with iTunes for Windows 64-bit Vista The download file is named: "iTunes64Setup.exe"
Its SHA-1 digest is: b8739f847f2b66835f4f4b542b3308de96d418ed
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at:
https://www.apple.com/support/security/pgp/
This advisory contains information released by the original author. Some of the information may have changed since it was released. If the issue affects you, it may be prudent to retrieve the advisory from the site of the original source to ensure that you receive the most current information concerning that problem. Reference to any specific commercial product, process, or service by trade name, trademark manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CPNI.
The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes. CPNI shall not accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this advisory.
CSIRTUK is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing amongst its members and the community at large.
Tue, 02 Jun 2009 10:30:00 GMT
Domain affected: Technical