[VIM] ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability
security curmudgeon
jericho at attrition.org
Fri Apr 2 21:58:33 UTC 2010
Hi ZDI,
http://seclists.org/fulldisclosure/2010/Apr/29
http://www.zerodayinitiative.com/advisories/ZDI-10-045
CVE-2010-0526
TippingPoint IPS Digital Vaccine protection filter ID 9629
2009-11-06 - Vulnerability reported to vendor
-and-
http://seclists.org/fulldisclosure/2010/Apr/19
http://www.zerodayinitiative.com/advisories/ZDI-10-035
CVE-2010-0526
TippingPoint IPS Digital Vaccine protection filter ID 8045
2009-03-26 - Vulnerability reported to vendor
Discrepancy between advisory, DV ID and reported to vendor date. Any
clarification?
Brian
OSVDB.org
On Fri, 2 Apr 2010, ZDI Disclosures wrote:
: ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability
: http://www.zerodayinitiative.com/advisories/ZDI-10-045
: April 2, 2010
:
: -- CVE ID:
: CVE-2010-0526
:
: -- Affected Vendors:
: Apple
:
: -- Affected Products:
: Apple OS X
:
: -- TippingPoint(TM) IPS Customer Protection:
: TippingPoint IPS customers have been protected against this
: vulnerability by Digital Vaccine protection filter ID 9629.
: For further product information on the TippingPoint IPS, visit:
:
: http://www.tippingpoint.com
:
: -- Vulnerability Details:
: This vulnerability allows remote attackers to execute arbitrary code on
: vulnerable installations of Apple QuickTime. User interaction is
: required to exploit this vulnerability in that the target must visit a
: malicious page or open a malicious file.
:
: The specific flaw exists during the parsing of MPEG content. Upon
: reading a field used for compression within a 'genl' atom in the movie
: container, the application will decompress outside the boundary of an
: allocated buffer. Successful exploitation can lead to code execution
: under the context of the application.
:
: -- Vendor Response:
: Apple states:
: http://support.apple.com/kb/HT4104
:
: http://support.apple.com/kb/HT4077
:
: -- Disclosure Timeline:
: 2009-11-06 - Vulnerability reported to vendor
: 2010-04-02 - Coordinated public release of advisory
:
: -- Credit:
: This vulnerability was discovered by:
: * Anonymous
:
: -- About the Zero Day Initiative (ZDI):
: Established by TippingPoint, The Zero Day Initiative (ZDI) represents
: a best-of-breed model for rewarding security researchers for responsibly
: disclosing discovered vulnerabilities.
:
: Researchers interested in getting paid for their security research
: through the ZDI can find more information and sign-up at:
:
: http://www.zerodayinitiative.com
:
: The ZDI is unique in how the acquired vulnerability information is
: used. TippingPoint does not re-sell the vulnerability details or any
: exploit code. Instead, upon notifying the affected product vendor,
: TippingPoint provides its customers with zero day protection through
: its intrusion prevention technology. Explicit details regarding the
: specifics of the vulnerability are not exposed to any parties until
: an official vendor patch is publicly available. Furthermore, with the
: altruistic aim of helping to secure a broader user base, TippingPoint
: provides this vulnerability information confidentially to security
: vendors (including competitors) who have a vulnerability protection or
: mitigation product.
:
: Our vulnerability disclosure policy is available online at:
:
: http://www.zerodayinitiative.com/advisories/disclosure_policy/
:
: Follow the ZDI on Twitter:
:
: http://twitter.com/thezdi
: _______________________________________________
: Full-Disclosure - We believe in it.
: Charter: http://lists.grok.org.uk/full-disclosure-charter.html
: Hosted and sponsored by Secunia - http://secunia.com/
:
More information about the VIM
mailing list