|
=0D
McAfee, Inc.=0D
McAfee Avert(tm) Labs Security Advisory=0D
Public Release Date: 2006-09-12=0D
=0D
Apple QuickTime Multiple Vulnerabilities=0D
=0D
CVE-2006-4382, CVE-2006-4384, CVE-2006-4385, CVE-2006-4386,=0D
CVE-2006-4388, CVE-2006-4389=0D
_________________________________________________=0D
=0D
* Synopsis=0D
=0D
Apple QuickTime is a multimedia technology used to process image, audio=0D
and video data. QuickTime is used by the Mac OS X operating system and=0D
by the QuickTime media player for Microsoft Windows.=0D
=0D
Seven code execution vulnerabilities are present in QuickTime support=0D
for various multimedia formats including: MOV, H.264, FLC, FPX and SGI.=0D
=0D
Exploitation could lead to execution of arbitrary code. User interaction=0D
is required for an attack to succeed. =0D
=0D
The risk rating for these issues is medium.=0D
=0D
_________________________________________________=0D
=0D
* Vulnerable Systems=0D
=0D
QuickTime 7.1.2 and below for Mac OS X=0D
QuickTime for Windows 7.1.2 and below=0D
=0D
_________________________________________________=0D
=0D
* Vulnerability Information=0D
=0D
CVE-2006-4382=0D
=0D
Two buffer overflow vulnerabilities are present in QuickTime MOV format=0D
support.=0D
=0D
CVE-2006-4384=0D
=0D
On heap overflow vulnerability is present in QuickTime FLC format=0D
support.=0D
=0D
CVE-2006-4385=0D
=0D
One buffer overflow vulnerability is present in QuickTime SGI format=0D
support.=0D
=0D
CVE-2006-4386=0D
=0D
One buffer overflow vulnerability is present in QuickTime MOV H.264=0D
format support.=0D
=0D
CVE-2006-4388=0D
=0D
One buffer overflow vulnerability is present in QuickTime FlashPix (FPX)=0D
format support.=0D
=0D
CVE-2006-4389=0D
=0D
One uninitialized memory access vulnerability is present in QuickTime=0D
FlashPix (FPX) format support. =0D
=0D
_________________________________________________=0D
=0D
=0D
* Resolution=0D
=0D
Apple has included fixes for the QuickTime issues in QuickTime version=0D
7.1.3 for Mac OS X and for Microsoft Windows. =0D
=0D
Further information is available at:=0D
http://docs.info.apple.com/article.html?artnum=304357=0D
=0D
_________________________________________________=0D
=0D
* Credits=0D
=0D
These vulnerabilities were discovered by Mike Price of McAfee Avert=0D
Labs.=0D
=0D
_________________________________________________=0D
=0D
=0D
* Legal Notice=0D
=0D
Copyright (C) 2006 McAfee, Inc.=0D
The information contained within this advisory is provided for the=0D
convenience of McAfee's customers, and may be redistributed provided=0D
that no fee is charged for distribution and that the advisory is not=0D
modified in any way. McAfee makes no representations or warranties=0D
regarding the accuracy of the information referenced in this document,=0D
or the suitability of that information for your purposes.=0D
=0D
McAfee, Inc. and McAfee Avert Labs are registered Trademarks of McAfee,=0D
Inc. and/or its affiliated companies in the United States and/or other=0D
Countries. All other registered and unregistered trademarks in this=0D
document are the sole property of their respective owners.=0D
=0D
=0D
Best regards,=0D
=0D
Dave Marcus, B.A., CCNA, MCSE=0D
Security Research and Communications Manager=0D
McAfee(r) Avert(r) Labs=0D