Serious QuickTime Vulnerability
The Danish company Secunia , specializing in computer security, made a serious gap in Apple’s famous QuickTime player for the Windows platform. Secunia reports that the vulnerability could be exploited by fraudulently redirecting the user to a malicious web page.
According to a Danish agency report, a flaw in the QuickTime error logging process for stream debugging can be used to trigger a buffer overflow. This happens when a program writes data outside the bounds of its allocated memory.
Buffer overflow is a serious threat to the security of your computer, because in most cases, overflow allows you to insert arbitrary code into memory for later execution.
To exploit this QuickTime vulnerability, a code execution hacker leads users to a Web page that refers to a specially processed SMIL file containing a long URL. SMIL is an XML-based markup language used to describe the markup of time synchronization, placement, animations, visual transformations and many other aspects of multimedia objects.
')
This type of attacks carried out on the Web is known for downloading and transferring data without being noticed by the user during a harmless action (such as, for example, trying to press the "cross" to close the banner not only results in closing the banner, but also downloading malware). Malware developers regularly try to infect reliable websites with their banners and other content that are intended to exploit this vulnerability in outdated versions of popular software (Adobe Reader, Adobe Flash Player, Java Runtime, ActiveX).
QuickTime is a valuable target for cybercriminals, since the player is installed on a very large number of computers around the world. Almost all people who own an iPod, iPhone or iPad, use iTunes, and iTunes requires QuickTime for audio and video playback.
The vulnerability works on the latest version of QuickTime Player 7.6.6 (1671), but it is possible that older versions are also vulnerable.
The vulnerability itself was found by a Polish researcher Krystian Kloskowski , who in May discovered a similar vulnerability in the Safari browser.
There is no patch or workaround yet, and Apple has not yet responded to the Secunia report.
More information about the vulnerability can be found here .
According to a Danish agency report, a flaw in the QuickTime error logging process for stream debugging can be used to trigger a buffer overflow. This happens when a program writes data outside the bounds of its allocated memory.
Buffer overflow is a serious threat to the security of your computer, because in most cases, overflow allows you to insert arbitrary code into memory for later execution.
To exploit this QuickTime vulnerability, a code execution hacker leads users to a Web page that refers to a specially processed SMIL file containing a long URL. SMIL is an XML-based markup language used to describe the markup of time synchronization, placement, animations, visual transformations and many other aspects of multimedia objects.
')
This type of attacks carried out on the Web is known for downloading and transferring data without being noticed by the user during a harmless action (such as, for example, trying to press the "cross" to close the banner not only results in closing the banner, but also downloading malware). Malware developers regularly try to infect reliable websites with their banners and other content that are intended to exploit this vulnerability in outdated versions of popular software (Adobe Reader, Adobe Flash Player, Java Runtime, ActiveX).
QuickTime is a valuable target for cybercriminals, since the player is installed on a very large number of computers around the world. Almost all people who own an iPod, iPhone or iPad, use iTunes, and iTunes requires QuickTime for audio and video playback.
The vulnerability works on the latest version of QuickTime Player 7.6.6 (1671), but it is possible that older versions are also vulnerable.
The vulnerability itself was found by a Polish researcher Krystian Kloskowski , who in May discovered a similar vulnerability in the Safari browser.
There is no patch or workaround yet, and Apple has not yet responded to the Secunia report.
More information about the vulnerability can be found here .
Source: https://habr.com/ru/post/100447/
All Articles