QuickTime Movies Are Vector for System Hijacks

By Lisa Vaas  |  Posted 2007-07-12 Print this article Print

There are eight security flaws that allow tainted QuickTime movies to lead to sensitive information being stolen.

Tainted QuickTime movies can get a system hijacked or lead to sensitive information being stolen due to eight security vulnerabilities in Apples movie-viewing software.

According to Apple, the first problem is caused by a memory corruption error when processing a malformed H.264 movie. H.264—also known as MPEG-4 Part 10 or AVC (Advanced Video Coding—is a standard for video compression.
If a user were to view a bogus H.264 movie, it could lead to either the application quitting or a targeted system being laid open to arbitrary code execution.
The second vulnerability is caused by a memory corruption error when processing a malformed movie file, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious file, the Cupertino, Calif., company said July 12. Another QuickTime bug involves the handling of .m4v files and also may lead to unexpected application termination or arbitrary code execution. The problem is an integer overflow vulnerability. QuickTime also has a problem with handling SMIL (Synchronized Multimedia Integration Language) files that again could lead to system takeover. SMIL is a W3C-recommended XML markup language for describing multimedia presentations. This, too, is an integer overflow issue. QuickTime for Java is the source of a fifth issue. This problem, which is a design issue, could allow disabling of security checks so that a victim can be lured into visiting a site that serves up a malicious Java applet. After that, an attacker could take over the targeted system. The sixth issue is also a design error in QuickTime for Java that can be exploited by malicious Java applets to bypass security checks and read and write process memory, leading to arbitrary code execution. Click here to read more about Java security problems found in QuickTime. The seventh issue is yet another design error in QuickTime for Java. This one involves certain interfaces being exposed by JDirect, a Java-to-native library. Again, the risk boils down to system takeover, according to Apple. The eighth vulnerability is also caused by a design error in QuickTime that could be exploited by attackers to capture a clients screen content by tricking a user into visiting a specially crafted Web page. Apple has issued an update, QuickTime 7.2, to fix all of these security problems. It can be obtained from Apples downloads site or via Apples automatic software update. For more details, check Apples product security site. Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.
Lisa Vaas is News Editor/Operations for eWEEK.com and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on eWEEK.com, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel