Apple QuickTime contains an integer overflow in handling UDTA atoms, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Apple QuickTime User Data (UDTA) Atoms allow a user to "... define and store data associated with a QuickTime object, such as a movie, track, or media. This includes both information that QuickTime looks for, such as copyright information or whether a movie should loop, and arbitrary information—provided by and for your application—that QuickTime simply ignores."
Apple QuickTime 7.1.5 addresses an integer overflow in the handling of the size field in UDTA Atoms. Note that this issue affects QuickTime installations on both Apple Mac OS X and Microsoft Windows operating systems.
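The C function below is an added example, not Apple's code and not part of the original note: it shows the kind of bounds check that stops an atom size field from driving integer wraparound while walking the children of a UDTA atom. It assumes the standard QuickTime atom layout (a 32-bit big-endian size that includes the 8-byte header, followed by a 4-byte type) and conservatively rejects the special size values 0 and 1 inside the list. The name `udta_validate` and the sample byte arrays are hypothetical, and the note does not describe the exact arithmetic of the flaw that was fixed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ATOM_HDR 8u /* 4-byte big-endian size + 4-byte type */

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Walk the child atoms of a udta payload. Returns the number of
 * well-formed children, or -1 when a size field disagrees with the
 * bytes actually present. */
int udta_validate(const uint8_t *buf, size_t len) {
    size_t off = 0;
    int count = 0;
    while (off < len) {
        size_t remaining = len - off; /* off < len, so no underflow */
        if (remaining < ATOM_HDR) {
            /* the child list may end with a 32-bit zero terminator */
            if (remaining == 4 && be32(buf + off) == 0) return count;
            return -1;
        }
        uint32_t size = be32(buf + off);
        /* size counts its own header: anything below 8 would make
         * "size - 8" wrap to a huge unsigned payload length */
        if (size < ATOM_HDR) return -1;
        /* compare against what is left rather than computing
         * off + size, which can wrap where size_t is 32 bits */
        if (size > remaining) return -1;
        off += size;
        count++;
    }
    return count;
}
/* Constructed sample inputs (not taken from any real file). */
static const uint8_t ok_udta[] = {0,0,0,12,'n','a','m','e','t','e','s','t', 0,0,0,0};
static const uint8_t huge_size[] = {0xFF,0xFF,0xFF,0xFF,'n','a','m','e','t','e','s','t'};
static const uint8_t tiny_size[] = {0,0,0,4,'n','a','m','e','t','e','s','t'};

int main(void) {
    printf("ok=%d huge=%d tiny=%d\n",
           udta_validate(ok_udta, sizeof ok_udta),
           udta_validate(huge_size, sizeof huge_size),
           udta_validate(tiny_size, sizeof tiny_size));
    return 0;
}
```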
A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition. The crafted QuickTime media file may be supplied on a web page, in an email for the victim to select, or by some other means designed to encourage them to invoke QuickTime on the exploit file.
This vulnerability was reported by Apple, who in turn credit Sowhat of Nevis Labs and an anonymous researcher working with TippingPoint and the Zero Day Initiative for reporting this issue.
This document was written by Will Dormann.
Date First Published: 2007-03-06
Date Last Updated: 2007-03-19 18:45 UTC