[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Apple QuickTime ActiveX Component Buffer Overrun Vulnerability

Subject: Apple QuickTime ActiveX Component Buffer Overrun Vulnerability
From: Frank Lowney <email@hidden>
Date: Fri, 20 Sep 2002 07:27:25 -0400

MacFixIt and others are reporting a vulnerability in the QT ActiveX component for QT5 that is not present in the QT6 version so I'm planning on pushing my audience to upgrade rather than expect them to fiddle with the "kill bit."

So, my question is this:

The recommended object/embed tag scheme includes code that prompts the download of the ActiveX component if it is not present. But what if it is present but of the QT5 variety? What happens then?

Is there a way to modify this code so as to compel the download and install of the most recent QT ActiveX component?

Apple QuickTime ActiveX Component Buffer Overrun
Vulnerability
A SecurityFocus Online article discusses a QuickTime Buffer Overrun problem that could result in a security vulnerability:

"A vulnerability has been reported in the Apple Quicktime ActiveX component for Internet Explorer. The vulnerability is a buffer overrun condition that is due to inadequate bounds checking of supplied arguments. If the component is invoked with the "pluginspage" argument set to a string value that is of excessive length, the overrun will occur. This condition is reportedly exploitable and may result in attacker supplied instructions being run on affected client systems."

This vulnerability is eliminated in version 6 of the QuickTime ActiveX component, and SecurityFocus reports effective that an effective workaround for QuickTime 5 users is to set the "Kill-bit" for the ActiveX component. See Microsoft's instructions.

-- ===================================================================== Dr. Frank Lowney email@hidden Director, Electronic Instructional Services, a unit of the Office of Information and Instructional Technology, Professional Pages: http://www.gcsu.edu/oiit/eis/ Personal Pages: http://www.faculty.de.gcsu.edu/~flowney Voice: (478) 445-5260 ===================================================================== We don't make instruction effective, we make effective instruction more accessible. _______________________________________________ quicktime-talk mailing list | email@hidden Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/quicktime-talk Do not post admin requests to the list. They will be ignored.

Follow-Ups:
- Re: Apple QuickTime ActiveX Component Buffer Overrun Vulnerability
  - From: Eric Carlson <email@hidden>

Prev by Date: Re: What's broadband to you? (Sweden)
Next by Date: Re: Broadband
Previous by thread: Broadband
Next by thread: Re: Apple QuickTime ActiveX Component Buffer Overrun Vulnerability
Index(es):
- Date
- Thread

Home