var-200906-0033
Vulnerability from variot
Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file. Apple QuickTime is prone to a memory-corruption vulnerability.
A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file.
Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.
This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X.
----------------------------------------------------------------------
TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA35091
VERIFY ADVISORY: http://secunia.com/advisories/35091/
DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site.
This is related to vulnerability #30 in: SA35074
SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources.
PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI.
ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/
OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/
======================================================================
Secunia Research 02/06/2009
- QuickTime Sorenson Video 3 Content Parsing Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10
====================================================================== 1) Affected Software
- Apple QuickTime 7.60
NOTE: Other versions may also be affected.
====================================================================== 2) Severity
Rating: Highly critical
Impact: System compromise
Where: Remote
====================================================================== 3) Vendor's Description of Software
"When you hop aboard QuickTime 7 Player, you're assured of a truly rich multimedia experience."
Product Link: http://www.apple.com/quicktime/player/
====================================================================== 4) Description of Vulnerability
Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by an error in the parsing of Sorenson Video 3 content.
====================================================================== 5) Solution
Update to version 7.6.2.
====================================================================== 6) Time Table
26/02/2009 - Vendor notified.
02/03/200X - Vendor response.
25/05/2009 - Status update requested.
26/05/2009 - Vendor provides status update.
02/06/2009 - Public disclosure.
====================================================================== 7) Credits
Discovered by Carsten Eiram, Secunia Research.
====================================================================== 8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2009-0188 for the vulnerability.
Apple: http://support.apple.com/kb/HT3591
====================================================================== 9) About Secunia
Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
====================================================================== 10) Verification
Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2009-10/
Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/
======================================================================
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200906-0033", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "quicktime", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "7.0.4" }, { "model": "quicktime", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "7.0.3" }, { "model": "quicktime", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": 
"7.0.2" }, { "model": "quicktime", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "7.0.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "7.0.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "5.0.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "5.0.2" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.5.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.1.6" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.2" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.2.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.4.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.5.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.1.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.1.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.6.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.4.5" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.3.1.70" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.3.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.5.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.5.2" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.5" }, { "model": 
"quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.1.2" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "5.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.4.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.4" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.2.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.5.5" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.1.2" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.3" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.1.5" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.1.3" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.3.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "3.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.4.4" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.1.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.1.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.3.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": null }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.5" }, { "model": "quicktime", "scope": "eq", "trust": 
1.0, "vendor": "apple", "version": "7.2.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.4.0" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0.2" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.1.4" }, { "model": "quicktime", "scope": "lte", "trust": 1.0, "vendor": "apple", "version": "7.6.1" }, { "model": "quicktime", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.4.11" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.5.7" }, { "model": "quicktime", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "7.6.2" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.0.3" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.5" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "6.5.1" }, { "model": "quicktime player", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "7.6.2" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.1.4" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "6.5" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.1.2" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.4.1" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "6.4" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.1.5" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": 
"7.2" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.3.1.70" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.4" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.3" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "6.5.2" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.1.6" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.3.1" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "6.1" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.1.3" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.0.4" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.1.1" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.1" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.5.5" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.6" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.0" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.4.5" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.6.1" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "6" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.0.2" }, { "model": "quicktime player", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.0.1" } ], "sources": [ { "db": "BID", "id": "35159" }, { "db": "JVNDB", "id": 
"JVNDB-2009-001720" }, { "db": "CNNVD", "id": "CNNVD-200906-023" }, { "db": "NVD", "id": "CVE-2009-0188" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:apple:mac_os_x", "vulnerable": true }, { "cpe22Uri": "cpe:/a:apple:quicktime", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-001720" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Charlie MillerDamian Put\u203b pucik@cc-team.org", "sources": [ { "db": "CNNVD", "id": "CNNVD-200906-023" } ], "trust": 0.6 }, "cve": "CVE-2009-0188", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "CVE-2009-0188", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 
1.8, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-37634", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2009-0188", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2009-0188", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-200906-023", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-37634", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-37634" }, { "db": "JVNDB", "id": "JVNDB-2009-001720" }, { "db": "CNNVD", "id": "CNNVD-200906-023" }, { "db": "NVD", "id": "CVE-2009-0188" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file. Apple QuickTime is prone to a memory-corruption vulnerability. \nA remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file. \nSuccessful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions. \nThis issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. 
----------------------------------------------------------------------\n\nAre you missing:\n\nSECUNIA ADVISORY ID:\n\nCritical:\n\nImpact:\n\nWhere:\n\nwithin the advisory below?\n\nThis is now part of the Secunia commercial solutions. \n\nClick here to learn more about our commercial solutions:\nhttp://secunia.com/advisories/business_solutions/\n \nClick here to trial our solutions:\nhttp://secunia.com/advisories/try_vi/\n\n----------------------------------------------------------------------\n\nTITLE:\nApple QuickTime PICT Parsing Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA35091\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/35091/\n\nDESCRIPTION:\nA vulnerability has been reported in Apple QuickTime, which can be\nexploited by malicious people to compromise a user\u0027s system \n\nThe vulnerability is caused due to an error in the processing of\n\"0x77\" tags within PICT images, which can be exploited to cause a\nheap-based buffer overflow when the user opens a specially crafted\nPICT image or visits a malicious web site. \n\nThis is related to vulnerability #30 in:\nSA35074\n\nSOLUTION:\nDo not browse untrusted web sites. Do not open files from untrusted\nsources. \n\nPROVIDED AND/OR DISCOVERED BY:\nDamian Put and Sebastian Apelt, reported via ZDI. \n\nORIGINAL ADVISORY:\nhttp://www.zerodayinitiative.com/advisories/ZDI-09-021/\n\nOTHER REFERENCES:\nSA35074:\nhttp://secunia.com/advisories/35074/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. 
\nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ====================================================================== \n\n Secunia Research 02/06/2009\n\n - QuickTime Sorenson Video 3 Content Parsing Vulnerability -\n\n====================================================================== \nTable of Contents\n\nAffected Software....................................................1\nSeverity.............................................................2\nVendor\u0027s Description of Software.....................................3\nDescription of Vulnerability.........................................4\nSolution.............................................................5\nTime Table...........................................................6\nCredits..............................................................7\nReferences...........................................................8\nAbout Secunia........................................................9\nVerification........................................................10\n\n====================================================================== \n1) Affected Software \n\n* Apple QuickTime 7.60\n\nNOTE: Other versions may also be affected. \n\n====================================================================== \n2) Severity \n\nRating: Highly critical\nImpact: System compromise\nWhere: Remote\n\n====================================================================== \n3) Vendor\u0027s Description of Software \n\n\"When you hop aboard QuickTime 7 Player, you\\x92re assured of a truly \nrich multimedia experience.\". 
\n\nProduct Link:\nhttp://www.apple.com/quicktime/player/\n\n====================================================================== \n4) Description of Vulnerability\n\nSecunia Research has discovered a vulnerability in QuickTime, which \ncan be exploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused by an error in the parsing of Sorenson\nVideo 3 content. \n\n====================================================================== \n5) Solution \n\nUpdate to version 7.6.2. \n\n====================================================================== \n6) Time Table \n\n26/02/2009 - Vendor notified. \n02/03/200X - Vendor response. \n25/05/2009 - Status update requested. \n26/05/2009 - Vendor provides status update. \n02/06/2009 - Public disclosure. \n\n====================================================================== \n7) Credits \n\nDiscovered by Carsten Eiram, Secunia Research. \n\n====================================================================== \n8) References\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned \nCVE-2009-0188 for the vulnerability. \n\nApple:\nhttp://support.apple.com/kb/HT3591\n\n====================================================================== \n9) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. 
\n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n10) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2009-10/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n", "sources": [ { "db": "NVD", "id": "CVE-2009-0188" }, { "db": "JVNDB", "id": "JVNDB-2009-001720" }, { "db": "BID", "id": "35159" }, { "db": "VULHUB", "id": "VHN-37634" }, { "db": "PACKETSTORM", "id": "77746" }, { "db": "PACKETSTORM", "id": "78039" } ], "trust": 2.16 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-37634", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-37634" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2009-0188", "trust": 2.9 }, { "db": "BID", "id": "35159", "trust": 2.8 }, { "db": "SECUNIA", "id": "35091", "trust": 2.7 }, { "db": 
"VUPEN", "id": "ADV-2009-1469", "trust": 2.5 }, { "db": "SECTRACK", "id": "1022314", "trust": 2.5 }, { "db": "XF", "id": "50886", "trust": 1.4 }, { "db": "JVNDB", "id": "JVNDB-2009-001720", "trust": 0.8 }, { "db": "BUGTRAQ", "id": "20090602 SECUNIA RESEARCH: QUICKTIME SORENSON VIDEO 3 CONTENT PARSING VULNERABILITY", "trust": 0.6 }, { "db": "APPLE", "id": "APPLE-SA-2009-06-01-1", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200906-023", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "78039", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-37634", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-09-021", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "77746", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-37634" }, { "db": "BID", "id": "35159" }, { "db": "JVNDB", "id": "JVNDB-2009-001720" }, { "db": "PACKETSTORM", "id": "77746" }, { "db": "PACKETSTORM", "id": "78039" }, { "db": "CNNVD", "id": "CNNVD-200906-023" }, { "db": "NVD", "id": "CVE-2009-0188" } ] }, "id": "VAR-200906-0033", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-37634" } ], "trust": 0.01 }, "last_update_date": "2024-11-23T20:12:48.436000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HT3591", "trust": 0.8, "url": "http://support.apple.com/kb/HT3591" }, { "title": "HT3591", "trust": 0.8, "url": "http://support.apple.com/kb/HT3591?viewlocale=ja_JP" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-001720" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { 
"problemtype": "CWE-399", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-37634" }, { "db": "JVNDB", "id": "JVNDB-2009-001720" }, { "db": "NVD", "id": "CVE-2009-0188" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/35159" }, { "trust": 2.5, "url": "http://www.securitytracker.com/id?1022314" }, { "trust": 2.5, "url": "http://secunia.com/advisories/35091" }, { "trust": 2.5, "url": "http://www.vupen.com/english/advisories/2009/1469" }, { "trust": 2.1, "url": "http://support.apple.com/kb/ht3591" }, { "trust": 1.8, "url": "http://secunia.com/secunia_research/2009-10/" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00000.html" }, { "trust": 1.4, "url": "http://xforce.iss.net/xforce/xfdb/50886" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/504007/100/0/threaded" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16085" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50886" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0188" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0188" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/504007/100/0/threaded" }, { "trust": 0.3, "url": "http://www.apple.com/quicktime/" }, { "trust": 0.3, "url": "/archive/1/504007" }, { "trust": 0.2, "url": "http://secunia.com/advisories/business_solutions/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/try_vi/" }, { "trust": 0.1, "url": 
"http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-09-021/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/35074/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/35091/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0188" }, { "trust": 0.1, "url": "http://secunia.com/secunia_research/" }, { "trust": 0.1, "url": "http://secunia.com/corporate/jobs/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/mailing_lists/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/" }, { "trust": 0.1, "url": "http://www.apple.com/quicktime/player/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-37634" }, { "db": "BID", "id": "35159" }, { "db": "JVNDB", "id": "JVNDB-2009-001720" }, { "db": "PACKETSTORM", "id": "77746" }, { "db": "PACKETSTORM", "id": "78039" }, { "db": "CNNVD", "id": "CNNVD-200906-023" }, { "db": "NVD", "id": "CVE-2009-0188" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-37634" }, { "db": "BID", "id": "35159" }, { "db": "JVNDB", "id": "JVNDB-2009-001720" }, { "db": "PACKETSTORM", "id": "77746" }, { "db": "PACKETSTORM", "id": "78039" }, { "db": "CNNVD", "id": "CNNVD-200906-023" }, { "db": "NVD", "id": "CVE-2009-0188" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-06-02T00:00:00", "db": "VULHUB", "id": "VHN-37634" }, { "date": "2009-06-01T00:00:00", "db": "BID", "id": "35159" }, { "date": "2009-07-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-001720" }, { "date": "2009-05-24T05:47:04", "db": "PACKETSTORM", "id": "77746" }, { "date": "2009-06-03T04:37:22", "db": "PACKETSTORM", "id": "78039" }, 
{ "date": "2009-06-02T00:00:00", "db": "CNNVD", "id": "CNNVD-200906-023" }, { "date": "2009-06-02T18:30:00.203000", "db": "NVD", "id": "CVE-2009-0188" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-30T00:00:00", "db": "VULHUB", "id": "VHN-37634" }, { "date": "2009-06-02T16:39:00", "db": "BID", "id": "35159" }, { "date": "2009-07-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-001720" }, { "date": "2009-06-09T00:00:00", "db": "CNNVD", "id": "CNNVD-200906-023" }, { "date": "2024-11-21T00:59:18.790000", "db": "NVD", "id": "CVE-2009-0188" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200906-023" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apple iTunes In Sorenson 3 Vulnerability in executing arbitrary code related to processing of video files", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-001720" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-200906-023" } ], "trust": 0.6 } }
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.