site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2010-12-07-1 QuickTime 7.6.9 QuickTime 7.6.9 is now available and addresses the following: QuickTime CVE-ID: CVE-2010-3787 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted JP2 image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow exists in QuickTime's handling of JP2 images. Viewing a maliciously crafted JP2 image may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.5. Credit to Nils of MWR InfoSecurity for reporting this issue. QuickTime CVE-ID: CVE-2010-3788 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted JP2 image may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue exists in QuickTime's handling of JP2 images. Viewing a maliciously crafted JP2 image may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved validation of JP2 images. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.5. Credit to Damian Put and Procyun, working with TippingPoint's Zero Day Initiative for reporting this issue. QuickTime CVE-ID: CVE-2010-3789 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted avi file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue is in QuickTime's handling of avi files. Viewing a maliciously crafted avi file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of avi files. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.5. Credit to Damian Put working with TippingPoint's Zero Day Initiative for reporting this issue. QuickTime CVE-ID: CVE-2010-3790 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue exists in QuickTime's handling of movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of movie files. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.5. Credit to Honggang Ren of Fortinet's FortiGuard Labs for reporting this issue. QuickTime CVE-ID: CVE-2010-3791 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow exists in QuickTime's handling of MPEG encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.5. Credit to an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting this issue. QuickTime CVE-ID: CVE-2010-3792 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue exists in QuickTime's handling of MPEG encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of MPEG encoded movie files. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.5. Credit to an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting this issue. QuickTime CVE-ID: CVE-2010-3793 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue exists in QuickTime's handling of Sorenson encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved validation of Sorenson encoded movie files. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.5. Credit to an anonymous researcher working with TippingPoint's Zero Day Initiative, and Carsten Eiram of Secunia Research for reporting this issue. QuickTime CVE-ID: CVE-2010-3794 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted FlashPix image may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue exists in QuickTime's handling of FlashPix images. Viewing a maliciously crafted FlashPix image may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.5. Credit to an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting this issue. QuickTime CVE-ID: CVE-2010-3795 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted GIF image may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue exists in QuickTime's handling of GIF images. Viewing a maliciously crafted GIF image may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.5. Credit to an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting this issue. QuickTime CVE-ID: CVE-2010-3800 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue exists in QuickTime's handling of PICT files. Viewing a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved validation of PICT files. Credit to Moritz Jodeit of n.runs AG and Damian Put, working with TippingPoint's Zero Day Initiative, and Hossein Lotfi (s0lute), working with VeriSign iDefense Labs for reporting this issue. QuickTime CVE-ID: CVE-2010-3801 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted FlashPix image may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue exists in QuickTime's handling of FlashPix images. Viewing a maliciously crafted FlashPix image may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management. Credit to Damian Put working with TippingPoint's Zero Day Initiative, and Rodrigo Rubira Branco from the Check Point Vulnerability Discovery Team for reporting this issue. QuickTime CVE-ID: CVE-2010-3802 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue exists in QuickTime's handling of panorama atoms in QTVR (QuickTime Virtual Reality) movie files. Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of QTVR movie files. Credit to an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting this issue. QuickTime CVE-ID: CVE-2010-1508 Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow exists in QuickTime's handling of Track Header (tkhd) atoms. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. This issue does not affect Mac OS X systems. Credit to Moritz Jodeit of n.runs AG, working with TippingPoint's Zero Day Initiative, and Carsten Eiram of Secunia Research for reporting this issue. QuickTime CVE-ID: CVE-2010-0530 Available for: Windows 7, Vista, XP SP2 or later Impact: A local user may have access to sensitive information Description: A filesystem permission issue exists in QuickTime. This may allow a local user to access the contents of the "Apple Computer" directory in the user's profile, which may lead to the disclosure of sensitive information. This issue is addressed through improved filesystem permissions. This issue does not affect Mac OS X systems. Credit to Geoff Strickler of On-Line Transaction Consultants for reporting this issue. QuickTime CVE-ID: CVE-2010-4009 Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow exists in QuickTime's handling of movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to Honggang Ren of Fortinet's FortiGuard Labs for reporting this issue. QuickTime 7.6.9 may be obtained from the Software Update application, or from the QuickTime Downloads site: http://www.apple.com/quicktime/download/ For Mac OS X v10.5.8 The download file is named: "QuickTime769Leopard.dmg" Its SHA-1 digest is: b580bfb4a66484f3ca12bcaf6e4adfde57574e20 For Windows 7 / Vista / XP SP3 The download file is named: "QuickTimeInstaller.exe" Its SHA-1 digest is: 1eec8904f041d9e0ad3459788bdb690e45dbc38e QuickTime with iTunes for Windows 32-bit XP or Vista The download file is named: "iTunesSetup.exe" Its SHA-1 digest is: c03925830c2f686917f0bfe89ea13a27f6f1135d QuickTime with iTunes for Windows 64-bit Vista or 7 The download file is named: "iTunes64Setup.exe" Its SHA-1 digest is: c1eccffc393baefab6962e47a625cc1156c703b9 QuickTime is incorporated into Mac OS X v10.6 and later. QuickTime 7.6.9 is not presented to systems running Mac OS X v10.6 or later. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJNCQhQAAoJEGnF2JsdZQeeLCEH/RH+xr4hVOUEeDt6InlgVqw0 uCDFC8wsJjOjXv2znpE3nBSfdMwxlqguPBbBIRAf5ftEW07X9AueQvm+N1uVGKFl /7SStsx7CFW/Kzb+bA+XWniFp4oCfGXFMQtIls3H+IIAM5JkFIsbnmVawvXN9FLQ emSkNphCFXuBawUzJlike/nJlAduFbSXLmCJ5VgiSQKJ3CgRaBOglFZvjE0aaDjO lNSkUCTSovBNMZCdll0RRP5MY3c9N4zlxxw5+gza+tfpSpEHtuLKGABjDW/Hu3DT dUbEHoyiw3JXSu282QPQWpJRtU4GkId8tOQLHddJrJP9HKTi5rlN04YN/SA9p/I= =bwKT -----END PGP SIGNATURE-----