Apple Patches Nine Vulnerabilities in QuickTime 7.7.3 Update

Author: Brian Donohue
minute read

Apple shipped fixes for nine vulnerabilities in its QuickTime multimedia platform. The QuickTime 7.7.3 update resolves bugs for Windows 7, Vista, and XP service pack 2 and later.

Apple shipped fixes for nine vulnerabilities in its QuickTime multimedia platform. The QuickTime 7.7.3 update resolves bugs for Windows 7, Vista, and XP service pack 2 and later.

The first two patches, discovered by IBM X-Force’s Mark Yason and Microsoft’s Jeremy brown respectively, resolve a buffer overflow in the handling of PICT files and REGION records, and a memory corruption issue in the handling of PICT files. Both vulnerabilities could be exploited if a user views a specially crafted PICT file, which in both cases could cause an application to crash or allow for arbitrary code execution.

The update also resolves three bugs that could cause unexpected application termination or enable the execution of arbitrary code if a user visits a maliciously crafted website. Two of the bugs were uncovered by chkr_d591, working with iDefense VCP. One was a use after free problem in the way the QuickTime plugin handled ‘_qtactivex_’ parameters within a HTML object element and the other was a use after free flaw in Quicktime ActiveX control’s handling of the Clear() method. The latter was discovered by TELUS Security Labs’ Pavel Polischouk and addressed a buffer overflow in the QuickTime plugin’s handling of MIME types.

There were also buffer overflows in the handling of the transform attribute in text3GTrack elements and style elements in QuickTime TeXML files. The overflows were discovered by ZDI’s Alexander Gavrun and TELUS Security Labs’ Arezou Hosseinzad-Amirkhizi, and could be exploited if users view a maliciously crafted QuickTime TeXML file.

Apple resolved a buffer overflow in Targa image files discovered by someone using the handle Senator of Pirates. Attackers could exploit this flaw by compelling a user to view a maliciously crafted Targa file, which could lead to the termination of applications or the execution of arbitrary code.

The last patch fixes a buffer overflow in the way ‘rnet’ boxes in MP4 files are handled. It was reported by Kevin Szkudlapski of QuarksLab and could allow for unexpected application termination or arbitrary code execution if users view a maliciously crafted movie file.

Suggested articles

Cybersecurity for your growing business
Cybersecurity for your growing business

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.