
From the News Desk
Monday, 14. January 2008

New Year Brings in Yet Another Flaw in QuickTime

An Italian researcher has identified a flaw in Apple's QuickTime media application that can allow an attacker to perform a DoS (denial of service) attack or take control of an affected PC.

Security researcher Luigi Auriemma reported that a buffer overflow exists in QuickTime 7.3.1. According to Auriemma's advisory, the overflow occurs while the player handles an HTTP error message returned by a server and displays it in the LCD-like status area that shows information about the state of the connection. Since the server supplies that message, a malicious server can trigger the condition.
The overflow could lead to arbitrary code execution or a denial of service (DoS), he said.

Alfred Huger, the VP of development at Symantec Security Response, has confirmed the flaw. Huger notes that in testing, the proof-of-concept code only managed to crash the product; however, "it's a safe assumption that if you can do that you may be able to execute remote code," he says. "It's very serious."

FrSIRT, the French Security Incident Response Team, has rated the flaw "critical," its rating for vulnerabilities that can be exploited remotely. US-CERT also warned end users about the flaw, providing a number of workarounds and advising users to be wary of links that use URL encoding, raw IP addresses or other variations in place of a hostname, unusually long URLs, or intentional misspellings.

The flaw is the latest in a series of bugs that QuickTime has had to address. Polish researcher Krystian Kloskowski found another QuickTime stack-based buffer overflow in November 2007, affecting version 7.3. Attackers shortly thereafter targeted that flaw with an active, in-the-wild exploit.
