var-200801-0011
Vulnerability from variot
Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption. Apple QuickTime is prone to a memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted movie file. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions. This issue affects versions prior to Apple QuickTime 7.4 running on Microsoft Windows Vista, Microsoft Windows XP SP2, and Mac OS X. iDefense Security Advisory 01.15.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 15, 2008
I. BACKGROUND
Quicktime is Apple's media player product, and is used to render video and other media. For more information visit the vendor's web site at the following URL.
http://www.apple.com/quicktime/
II.
The vulnerability specifically exists in the handling of Macintosh Resources embedded in QuickTime movies. When processing these records, a length value stored in the resource header is not properly validated. When a length value larger than the actual buffer size is supplied, potentially exploitable memory corruption occurs.
III.
IV. DETECTION
iDefense Labs confirmed this vulnerability exists in QuickTime Player version 7.3.1. Previous versions are suspected to be vulnerable.
V. WORKAROUND
iDefense is currently unaware of any effective workaround for this issue.
VI. VENDOR RESPONSE
Apple has released QuickTime 7.4 which resolves this issue. More information is available via Apple's QuickTime Security Update page at the URL shown below.
http://docs.info.apple.com/article.html?artnum=307301
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2008-0032 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
09/13/2007 Initial vendor notification 09/13/2007 Initial vendor response 01/15/2008 Coordinated public disclosure
IX. CREDIT
This vulnerability was discovered by Jun Mao of VeriSign iDefense Labs.
Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events http://labs.idefense.com/
X. LEGAL NOTICES
Copyright \xa9 2008 iDefense, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
I. Description
Apple QuickTime 7.4 resolves multiple vulnerabilities in the way different types of image and media files are handled.
Note that Apple iTunes installs QuickTime, so any system with iTunes is vulnerable. Solution
Upgrade QuickTime
Upgrade to QuickTime 7.4. This and other updates for Mac OS X are available via Apple Update.
Secure your web browser
To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser.
References
* About the security content of the QuickTime 7.4 Update -
<http://docs.info.apple.com/article.html?artnum=307301>
* How to tell if Software Update for Windows is working correctly
when no updates are available -
<http://docs.info.apple.com/article.html?artnum=304263>
* Apple - QuickTime - Download -
<http://www.apple.com/quicktime/download/>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA08-016A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA08-016A Feedback VU#818697" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
January 16, 2007: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBR45mevRFkHkM87XOAQLP6AgAj7J4sy83ZWEKfcDb2brgHptxAwqvArkZ HzV+5lGg1A86V4/MARlxXctWv5JH3e2knx5ZoMUN8napP9VEag2Ra68Zdh9lKu1S nfCRRwcIj38iakuv7xKrNt1AJHj3rHguzCjvWu8gHEJtlb15zqVr97Ci9LuNdLP3 W4hdsIxuzYQl7Ou5+j0Z9bhH1WWZRjmabsop+b0ApxeZI2F6mJn0rscRvxPQYBls ims6CP7YseK4+ElJHAMEJfW/6gPhwyedjgesd0jssYvhtYdufn4OCZvwL+p9QSlQ +E+UKcws4BHlEpg0dQhA13REQxwqqMgSWdm3NU8hbGdEJAJGH0cYNQ== =emKJ -----END PGP SIGNATURE----- .
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
Download and test it today: https://psi.secunia.com/
Read more about this new version: https://psi.secunia.com/?page=changelog
TITLE: Apple QuickTime Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA28502
VERIFY ADVISORY: http://secunia.com/advisories/28502/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/
DESCRIPTION: Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a vulnerable system.
3) An error in the parsing of malformed Image Descriptor (IDSC) atoms can be exploited to cause a heap corruption via a specially crafted movie file.
4) A boundary error exists within the processing of compressed PICT images and can be exploited to cause a buffer overflow.
QuickTime 7.4 for Leopard: http://www.apple.com/support/downloads/quicktime74forleopard.html
QuickTime 7.4 for Tiger: http://www.apple.com/support/downloads/quicktime74fortiger.html
QuickTime 7.4 for Panther: http://www.apple.com/support/downloads/quicktime74forpanther.html
QuickTime 7.4 for Windows: http://www.apple.com/support/downloads/quicktime74forwindows.html
PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Joe Schottman of Virginia Tech 2) Jun Mao, VeriSign iDefense Labs. 3) Cody Pierce, TippingPoint DVLabs 4) The vendor credits Chris Ries, Carnegie Mellon University Computing Services
ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=307301
TippingPoint DVLabs: http://dvlabs.tippingpoint.com/advisory/TPTI-08-01
iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=642
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200801-0011",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "quicktime",
"scope": "lte",
"trust": 1.8,
"vendor": "apple",
"version": "7.3"
},
{
"model": "quicktime",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.3"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.6"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.5"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.4"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.3"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2"
},
{
"model": "quicktime player",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "quicktime player",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.4"
}
],
"sources": [
{
"db": "BID",
"id": "27301"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001035"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-215"
},
{
"db": "NVD",
"id": "CVE-2008-0032"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:quicktime",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001035"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jun Mao",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200801-215"
}
],
"trust": 0.6
},
"cve": "CVE-2008-0032",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2008-0032",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-30157",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-0032",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2008-0032",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200801-215",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-30157",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30157"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001035"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-215"
},
{
"db": "NVD",
"id": "CVE-2008-0032"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption. Apple QuickTime is prone to a memory-corruption vulnerability. \nAn attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted movie file. \nSuccessfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions. \nThis issue affects versions prior to Apple QuickTime 7.4 running on Microsoft Windows Vista, Microsoft Windows XP SP2, and Mac OS X. iDefense Security Advisory 01.15.08\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nJan 15, 2008\n\nI. BACKGROUND\n\nQuicktime is Apple\u0027s media player product, and is used to render video\nand other media. For more information visit the vendor\u0027s web site at\nthe following URL. \n\nhttp://www.apple.com/quicktime/\n\nII. \n\nThe vulnerability specifically exists in the handling of Macintosh\nResources embedded in QuickTime movies. When processing these records,\na length value stored in the resource header is not properly validated. \nWhen a length value larger than the actual buffer size is supplied,\npotentially exploitable memory corruption occurs. \n\nIII. \n\nIV. DETECTION\n\niDefense Labs confirmed this vulnerability exists in QuickTime Player\nversion 7.3.1. Previous versions are suspected to be vulnerable. \n\nV. WORKAROUND\n\niDefense is currently unaware of any effective workaround for this\nissue. \n\nVI. VENDOR RESPONSE\n\nApple has released QuickTime 7.4 which resolves this issue. More\ninformation is available via Apple\u0027s QuickTime Security Update page at\nthe URL shown below. \n\nhttp://docs.info.apple.com/article.html?artnum=307301\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2008-0032 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n09/13/2007 Initial vendor notification\n09/13/2007 Initial vendor response\n01/15/2008 Coordinated public disclosure\n\nIX. CREDIT\n\nThis vulnerability was discovered by Jun Mao of VeriSign iDefense Labs. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2008 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\n\nI. Description\n\n Apple QuickTime 7.4 resolves multiple vulnerabilities in the way\n different types of image and media files are handled. \n\n Note that Apple iTunes installs QuickTime, so any system with iTunes\n is vulnerable. Solution\n\nUpgrade QuickTime\n\n Upgrade to QuickTime 7.4. This and other updates for Mac OS X are\n available via Apple Update. \n\nSecure your web browser\n\n To help mitigate these and other vulnerabilities that can be exploited\n via a web browser, refer to Securing Your Web Browser. \n\n\nReferences\n\n * About the security content of the QuickTime 7.4 Update -\n \u003chttp://docs.info.apple.com/article.html?artnum=307301\u003e\n \n * How to tell if Software Update for Windows is working correctly\n when no updates are available -\n \u003chttp://docs.info.apple.com/article.html?artnum=304263\u003e\n \n * Apple - QuickTime - Download -\n \u003chttp://www.apple.com/quicktime/download/\u003e\n \n * Mac OS X: Updating your software -\n \u003chttp://docs.info.apple.com/article.html?artnum=106704\u003e\n \n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n \n _________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA08-016A.html\u003e\n _________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA08-016A Feedback VU#818697\" in the\n subject. \n _________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n _________________________________________________________________\n\n Produced 2007 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n _________________________________________________________________\n\n \nRevision History\n\n January 16, 2007: Initial release\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBR45mevRFkHkM87XOAQLP6AgAj7J4sy83ZWEKfcDb2brgHptxAwqvArkZ\nHzV+5lGg1A86V4/MARlxXctWv5JH3e2knx5ZoMUN8napP9VEag2Ra68Zdh9lKu1S\nnfCRRwcIj38iakuv7xKrNt1AJHj3rHguzCjvWu8gHEJtlb15zqVr97Ci9LuNdLP3\nW4hdsIxuzYQl7Ou5+j0Z9bhH1WWZRjmabsop+b0ApxeZI2F6mJn0rscRvxPQYBls\nims6CP7YseK4+ElJHAMEJfW/6gPhwyedjgesd0jssYvhtYdufn4OCZvwL+p9QSlQ\n+E+UKcws4BHlEpg0dQhA13REQxwqqMgSWdm3NU8hbGdEJAJGH0cYNQ==\n=emKJ\n-----END PGP SIGNATURE-----\n. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nApple QuickTime Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA28502\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/28502/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nApple QuickTime 7.x\nhttp://secunia.com/product/5090/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in Apple QuickTime, which can\nbe exploited by malicious people to compromise a vulnerable system. \n\n3) An error in the parsing of malformed Image Descriptor (IDSC) atoms\ncan be exploited to cause a heap corruption via a specially crafted\nmovie file. \n\n4) A boundary error exists within the processing of compressed PICT\nimages and can be exploited to cause a buffer overflow. \n\nQuickTime 7.4 for Leopard:\nhttp://www.apple.com/support/downloads/quicktime74forleopard.html\n\nQuickTime 7.4 for Tiger:\nhttp://www.apple.com/support/downloads/quicktime74fortiger.html\n\nQuickTime 7.4 for Panther:\nhttp://www.apple.com/support/downloads/quicktime74forpanther.html\n\nQuickTime 7.4 for Windows:\nhttp://www.apple.com/support/downloads/quicktime74forwindows.html\n\nPROVIDED AND/OR DISCOVERED BY:\n1) The vendor credits Joe Schottman of Virginia Tech\n2) Jun Mao, VeriSign iDefense Labs. \n3) Cody Pierce, TippingPoint DVLabs\n4) The vendor credits Chris Ries, Carnegie Mellon University\nComputing Services\n\nORIGINAL ADVISORY:\nApple:\nhttp://docs.info.apple.com/article.html?artnum=307301\n\nTippingPoint DVLabs:\nhttp://dvlabs.tippingpoint.com/advisory/TPTI-08-01\n\niDefense Labs:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=642\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0032"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001035"
},
{
"db": "BID",
"id": "27301"
},
{
"db": "VULHUB",
"id": "VHN-30157"
},
{
"db": "PACKETSTORM",
"id": "62673"
},
{
"db": "PACKETSTORM",
"id": "62716"
},
{
"db": "PACKETSTORM",
"id": "62685"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-30157",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30157"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-0032",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA08-016A",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "28502",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1019221",
"trust": 2.5
},
{
"db": "BID",
"id": "27301",
"trust": 2.2
},
{
"db": "VUPEN",
"id": "ADV-2008-0148",
"trust": 1.7
},
{
"db": "USCERT",
"id": "SA08-016A",
"trust": 0.8
},
{
"db": "XF",
"id": "39696",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001035",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200801-215",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2008-01-15",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "TA08-016A",
"trust": 0.6
},
{
"db": "XF",
"id": "39695",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "11391",
"trust": 0.6
},
{
"db": "BID",
"id": "27298",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "62673",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-30157",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62716",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62685",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30157"
},
{
"db": "BID",
"id": "27301"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001035"
},
{
"db": "PACKETSTORM",
"id": "62673"
},
{
"db": "PACKETSTORM",
"id": "62716"
},
{
"db": "PACKETSTORM",
"id": "62685"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-215"
},
{
"db": "NVD",
"id": "CVE-2008-0032"
}
]
},
"id": "VAR-200801-0011",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-30157"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:48:31.308000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "QuickTime 7.4",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307301-en"
},
{
"title": "QuickTime 7.4",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307301-ja"
},
{
"title": "TA08-016A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-016a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001035"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30157"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001035"
},
{
"db": "NVD",
"id": "CVE-2008-0032"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-016a.html"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1019221"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/28502"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/27301"
},
{
"trust": 1.9,
"url": "http://docs.info.apple.com/article.html?artnum=307301"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/jan/msg00001.html"
},
{
"trust": 1.5,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=642"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2008/0148"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0148"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39696"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0032"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/39696"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-016a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-016a"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0032"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-016a.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/2008/20080117_135357.html"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/39695"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/27298"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/11391"
},
{
"trust": 0.4,
"url": "http://www.apple.com/quicktime/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/swupdates/"
},
{
"trust": 0.3,
"url": "/archive/1/486396"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/),"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0032"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=304263\u003e"
},
{
"trust": 0.1,
"url": "http://www.apple.com/quicktime/download/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-016a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=307301\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=106704\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/quicktime74forleopard.html"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/quicktime74forwindows.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5090/"
},
{
"trust": 0.1,
"url": "http://dvlabs.tippingpoint.com/advisory/tpti-08-01"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/?page=changelog"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/28502/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/quicktime74fortiger.html"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/quicktime74forpanther.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30157"
},
{
"db": "BID",
"id": "27301"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001035"
},
{
"db": "PACKETSTORM",
"id": "62673"
},
{
"db": "PACKETSTORM",
"id": "62716"
},
{
"db": "PACKETSTORM",
"id": "62685"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-215"
},
{
"db": "NVD",
"id": "CVE-2008-0032"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-30157"
},
{
"db": "BID",
"id": "27301"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001035"
},
{
"db": "PACKETSTORM",
"id": "62673"
},
{
"db": "PACKETSTORM",
"id": "62716"
},
{
"db": "PACKETSTORM",
"id": "62685"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-215"
},
{
"db": "NVD",
"id": "CVE-2008-0032"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-01-16T00:00:00",
"db": "VULHUB",
"id": "VHN-30157"
},
{
"date": "2008-01-15T00:00:00",
"db": "BID",
"id": "27301"
},
{
"date": "2008-01-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001035"
},
{
"date": "2008-01-16T05:38:32",
"db": "PACKETSTORM",
"id": "62673"
},
{
"date": "2008-01-17T05:49:01",
"db": "PACKETSTORM",
"id": "62716"
},
{
"date": "2008-01-17T04:45:41",
"db": "PACKETSTORM",
"id": "62685"
},
{
"date": "2008-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200801-215"
},
{
"date": "2008-01-16T03:00:00",
"db": "NVD",
"id": "CVE-2008-0032"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-30157"
},
{
"date": "2008-01-16T00:38:00",
"db": "BID",
"id": "27301"
},
{
"date": "2008-01-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001035"
},
{
"date": "2008-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200801-215"
},
{
"date": "2024-11-21T00:41:00.190000",
"db": "NVD",
"id": "CVE-2008-0032"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "62673"
},
{
"db": "PACKETSTORM",
"id": "62716"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-215"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple QuickTime In Macintosh Resource Memory corruption vulnerability in record handling",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001035"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200801-215"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.