Update Protection against Apple QuickTime Color Table ID Heap Corruption
| Check Point Reference: | CPAI-2007-234 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA24359 | |
| Industry Reference(s): | CVE-2007-0718 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Apple QuickTime Prior to 7.1.5 | ||
| Vulnerability Description Apple QuickTime is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files as well as numerous video formats. QuickTime is capable of processing Apple QuickTime Image File format, which is a proprietary format created by Apple Computer, Inc. |
||
|
Vulnerability Details There exists a heap memory corruption vulnerability in Apple QuickTime product. The flaw is caused by insufficient checks when processing QTIF files. A remote attacker may exploit this vulnerability by enticing a target user to open a crafted QTIF file, thereby injecting and executing arbitrary code with the privileges of the currently logged-in user. In an attack case where code injection is not successful, the vulnerable Quicktime application processing the malicious QTIF file will terminate abnormally. In a more sophisticated attack, where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the current user. |
Protection Overview
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.