Signature Detail

  • Short Name: HTTP:STC:STREAM:QT-FLASHPIX-OF
  • Severity: High
  • Recommended: No
  • Recommended Action: Drop
  • Category: HTTP
  • Keywords: Apple QuickTime FlashPix Movie File Integer Overflow
  • Release Date: 2010/10/25
  • Update Number: 1798
  • Supported Platforms: idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Apple QuickTime FlashPix Movie File Integer Overflow


This signature detects attempts to exploit a known vulnerability in Apple QuickTime. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.

Extended Description

Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update APPLE-SA-2010-03-29-1. The update addresses new vulnerabilities that affect AppKit, Application Firewall, AFP Server, ClamAV, CoreAudio, CoreMedia, CoreTypes, DesktopServices, Disk Images, Directory Services, Dovecot, Event Monitor, FreeRADIUS, FTP Server, iChat Server, ImageIO, Image RAW, Mail, OS Services, Password Server, Podcast Producer, Preferences, PS Normalizer, QuickTime, Wiki Server, and xar.

This BID is being retired. The following individual records exist to better document the issues:

  • 39279 Apple Mac OS X Mail Encryption Certificate Selection in Keychain Security Bypass Vulnerability
  • 39281 Apple Mac OS X Open Directory Anonymous Access Security Bypass Vulnerability
  • 39278 Apple Mac OS X Podcast Producer Access Validation Vulnerability
  • 39153 Apple Mac OS X Preferences System Login Restrictions Authentication Bypass Security Vulnerability
  • 39273 Apple Mac OS X Password Server Outdated Password Security Bypass Vulnerability
  • 39277 Apple Mac OS X Image RAW Component NEF File Remote Buffer Overflow Vulnerability
  • 39274 Apple Mac OS X SFLServer Local Privilege Escalation Vulnerability
  • 39268 Apple Mac OS X Mail Rule Association Data Integrity Security Vulnerability
  • 39264 Apple Mac OS X Firewall Blacklist Denial of Service Vulnerability
  • 39256 Apple Mac OS X Directory Services Component Record Name Local Privilege Escalation Vulnerability
  • 39255 Apple Mac OS X iChat Server CVE-2010-0504 Multiple Buffer Overflow Vulnerabilities
  • 39252 Apple Mac OS X Disk Images Component Mounting 'bzip2' Image Remote Code Execution Vulnerability
  • 39245 Apple Mac OS X iChat Server CVE-2010-0503 Remote Code Execution Vulnerability
  • 39234 Apple Mac OS X FreeRADIUS Component EAP-TLS Authentication Bypass Vulnerability
  • 39236 Apple Mac OS X DesktopServices Security Bypass Vulnerability
  • 39232 Apple Mac OS X Image RAW Component PEF File Remote Buffer Overflow Vulnerability
  • 39230 Apple Mac OS X Incorrect Copied File Ownership Security Bypass Vulnerability
  • 39231 Apple Mac OS X FTP Server Directory Traversal Vulnerability
  • 39161 Apple QuickTime Sorenson-Encoded Movie File Remote Code Execution Vulnerability
  • 39159 Apple QuickTime H.264 Movie File Remote Code Execution Vulnerability
  • 39170 Apple Mac OS X ClamAV Definition Update Security Bypass Vulnerability
  • 39194 Apple Mac OS X Internet-enabled Disk Image Security Bypass Vulnerability
  • 39171 Apple Mac OS X ImageIO Component JP2 File Remote Heap Buffer Overflow Vulnerability
  • 39152 Apple QuickTime FLC Encoded '.fli' Movie File Remote Heap Buffer Overflow Vulnerability
  • 39155 Apple QuickTime FlashPix Encoded File 'NumberOfTiles' Remote Integer Overflow Vulnerability
  • 39160 Apple QuickTime QDM2 and QDCA Encoded Audio Content (CVE-2010-0059) Memory Corruption Vulnerability
  • 39154 Apple QuickTime M-JPEG Data '.mov' File Remote Heap Buffer Overflow Vulnerability
  • 39164 Apple QuickTime QDMC and QDMC2 Encoded Audio Content Memory Corruption Vulnerability
  • 39165 Apple QuickTime RLE Encoded '.mov' File Remote Heap Buffer Overflow Vulnerability
  • 39166 Apple QuickTime MPEG Movie File 'genl' Atom Remote Heap Buffer Overflow Vulnerability
  • 39175 Apple Mac OS X CoreTypes Security Bypass Vulnerability
  • 39169 Apple Mac OS X Application Firewall Rule Remote Security Bypass Vulnerability
  • 39172 Apple Mac OS X AFP Server AFP Share Security Bypass Vulnerability
  • 39163 Apple QuickTime H.261 Movie File Remote Heap Buffer Overflow Vulnerability
  • 39157 Apple Mac OS X AFP Server Mount AFP Share Security Bypass Vulnerability
  • 39167 Apple QuickTime CoreMedia H.263 Encoded '.3g2' Movie Files Heap Buffer Overflow Vulnerability
  • 39156 Apple Mac OS X AppKit Cocoa Application Spell Checker Buffer Overflow Vulnerability
  • 39151 Apple Mac OS X PS Normalizer PostScript File Stack Buffer Overflow Vulnerability
  • 39258 Dovecot Service Control Access List Security Bypass Vulnerability
  • 39290 Apple Mac OS X Server Admin Screen Sharing Security Bypass Vulnerability
  • 39289 Apple Mac OS X Wiki Server File Upload Security Bypass Vulnerability
  • 39291 Apple Mac OS X Wiki Server Weblog SACL Security Bypass Vulnerability
  • 39292 xar Package Signature Validation Remote Security Bypass Vulnerability

Affected Products

  • Apple Mac OS X 10.5
  • Apple Mac OS X 10.5.1
  • Apple Mac OS X 10.5.2
  • Apple Mac OS X 10.5.3
  • Apple Mac OS X 10.5.4
  • Apple Mac OS X 10.5.5
  • Apple Mac OS X 10.5.6
  • Apple Mac OS X 10.5.7
  • Apple Mac OS X 10.5.8
  • Apple Mac OS X 10.6
  • Apple Mac OS X 10.6.1
  • Apple Mac OS X 10.6.2
  • Apple Mac OS X Server 10.5
  • Apple Mac OS X Server 10.5.1
  • Apple Mac OS X Server 10.5.2
  • Apple Mac OS X Server 10.5.3
  • Apple Mac OS X Server 10.5.4
  • Apple Mac OS X Server 10.5.5
  • Apple Mac OS X Server 10.5.6
  • Apple Mac OS X Server 10.5.7
  • Apple Mac OS X Server 10.5.8
  • Apple Mac OS X Server 10.6
  • Apple Mac OS X Server 10.6.1
  • Apple Mac OS X Server 10.6.2
  • Apple QuickTime Player 7.6
  • Apple QuickTime Player 7.6.1
  • Apple QuickTime Player 7.6.2
  • Apple QuickTime Player 7.6.4
  • Apple QuickTime Player 7.6.5

References

  • BugTraq: 39020
  • CVE: CVE-2010-0519

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.