January 11, 2008
QuickTime is just feeling a little vulnerable right now
Posted Jan. 11, ’08, 9:54 AM PT by Dan Moren
Category | Security
QuickTime. It’s like that kid in high school who always got beat up for his lunch money. Just one security problem after another. Yesterday, an Italian security researcher by the name of Luigi Auriemma disclosed a buffer overflow in QuickTime 7.3.1.70 and earlier.
How does it work? If you guessed something to do with our old friend RTSP (Real Time Streaming Protocol) then you, sir (or madam), win a kewpie doll. Here’s how it breaks down: if you try to access an address with RTSP, and that address is invalid, it will try to access it via other protocols, such as HTTP. If that fails, it will display the HTTP error message, which will overflow the buffer and potentially allow the execution of arbitrary code (everybody’s favorite).
The bug supposedly works on OS X and Windows, though I wasn’t able to duplicate it myself (the instructions were a little confusing). No fix is provided, though one would hope that Apple is hard at work at fixing this. I’d also hope Mr. Auriemma released it to Apple before simply publishing it online. In the meantime, remember: don’t go visiting strange RTSP URLs, ‘kay?
[via InformationWeek]
1 Comments
Leave a comment
Recent Entries
About MacUser
MacUser is your source for news, info, and opinion about Apple, the Mac, and the iPod. Our dedicated team of bloggers covers everything that is relevant to Mac users — and, okay, some stuff that’s not quite relevant, but is still a lot of fun.
Subscribe/RSS
- Blog Posts
- Blog Comments
- Podcast (RSS) (iTunes)
Tip us off!
- Email: macuser [at] macuser [dot] com
Recent Comments 
- The Gabe on Some major bands shun iTunes
- DJ Ren on Some major bands shun iTunes
- t on Rumors of Steve's demise are greatly exaggerated
- Jack on Psystar says Apple has trust issues
- William on Television ads misleading? Say it ain't so!
- vectr on Reunited: an Apple Remote and an Apple TV
Categories
- Apple (211)
- Advertising (148)
- Events (219)
- Huh? (170)
- Humor (251)
- News (143)
- People (240)
- Rivals (379)
- Speculation (154)
- Steve Jobs (157)
- Stores (196)
- Apple TV (56)
- Business (424)
- Games (137)
- Geekery (449)
- Hardware (885)
- Accessories (69)
- Intel Macs (161)
- Ihnatko (18)
- Internet (438)
- Legal (216)
- MacUser (91)
- Money (162)
- Music (328)
- Podcasting (98)
- Photography (70)
- Security (235)
- Software (1470)
- Updates (502)
- Tips (347)
- Troubleshooting (182)
- Video (379)
- Windows (205)
- iPhone (192)
- iPod (574)
- iPod Accessories (92)
- iPod Software (58)
- iTunes (110)
- iTunes Store (415)
Archives
- August 2008 (166)
- July 2008 (175)
- June 2008 (171)
- May 2008 (185)
- April 2008 (234)
- March 2008 (217)
- February 2008 (215)
- January 2008 (239)
- December 2007 (169)
- November 2007 (164)
- October 2007 (187)
- September 2007 (167)
- August 2007 (195)
- July 2007 (152)
- June 2007 (223)
- May 2007 (243)
- April 2007 (286)
- March 2007 (288)
- February 2007 (250)
- January 2007 (266)
- December 2006 (244)
- November 2006 (293)
- October 2006 (307)
- September 2006 (250)
- August 2006 (268)
- July 2006 (288)
- June 2006 (293)
- May 2006 (297)
- April 2006 (351)
- March 2006 (366)
- February 2006 (110)
- January 2006 (107)
- December 2005 (23)
Mac Publishing Sites
Links
I know this isnt a fix but does anyone know if memory randomization in Leopard would help prevent this exploit?