Zero-Day Exploit for Apple QuickTime Posted

malware · Jan 11, 2008

An Italian security researcher has posted a proof-of-concept exploit for a zero-day vulnerability in the most current version of Apple's QuickTime media software (7.3.1) which affects both Windows and Mac OS X. According to Luigi Auriemma the bug is a buffer-overflow which happens during the handling of the HTTP error message and its visualization in the LCD-like screen which contains info about the status of the connection. Buffer overflows can often be exploited by attackers to compromise the affected system. In this scenario, that's exactly what this bug can do. It can allow the attacker to take control the affected system. The vulnerability Auriemma has identified has no fix at the moment, so keep it in mind if you use the latest QuickTime on your system. Find out more about the exploit here.

View at TechPowerUp Main Site

Dangle · Jan 11, 2008

I HAAAAAAAAATE quicktime. I'd rather use Realplayer than Quicktime.

peach1971 · Jan 12, 2008

Who needs Quicktime?

h**p://www.codecguide.com/about_qt.htm

Wile E · Jan 12, 2008

peach1971 said:
Who needs Quicktime?

Picture is probably ok, but we're not allowed to link it. It's legality is questionable, so the admins here err on the side of caution. Trust me, I know first hand. lol.

Ravenas · Jan 12, 2008

Hmph, I've been reading it only effects Windows? Bad source? Who knows.

peach1971 · Jan 12, 2008

`Encrypted` the link above.

tomkaten · Jan 12, 2008

Not to be mean here, but who needs Quicktime or Quicktime alternative on their PC's ? Mac it's another story, but my Quicktime has flown off a long time ago. The recurring "Qttask" process was driving me nuts. It's business as usual without it so...

1c3d0g · Jan 12, 2008

:shadedshu Some movies/trailers/clips are only available in .mov, hence the need for QuickTime Alternative. Trust me, I wouldn't want that junk on my PC either (it's a security nightmare), but sometimes I need to view certain videos which require that damned codec. :banghead:

panchoman · Jan 12, 2008

i despise quicktime...

Processor	Intel Core 2 Quad Q6600 G0 VID: 1.2125
Motherboard	GIGABYTE GA-P35-DS3P rev.2.0
Cooling	Thermalright Ultra-120 eXtreme + Noctua NF-S12 Fan
Memory	4x1 GB PQI DDR2 PC2-6400
Video Card(s)	Colorful iGame Radeon HD 4890 1 GB GDDR5
Storage	2x 500 GB Seagate Barracuda 7200.11 32 MB RAID0
Display(s)	BenQ G2400W 24-inch WideScreen LCD
Case	Cooler Master COSMOS RC-1000 (sold), Cooler Master HAF-932 (delivered)
Audio Device(s)	Creative X-Fi XtremeMusic + Logitech Z-5500 Digital THX
Power Supply	Chieftec CFT-1000G-DF 1kW
Software	Laptop: Lenovo 3000 N200 C2DT2310/3GB/120GB/GF7300/15.4"/Razer

System Name	Vista
Processor	Q6600
Memory	2GB Corsair 800mhz
Video Card(s)	2900XT
Storage	300GB 7.2kRPM Seagate for OS; 74GB 10kRPM WD for Games
Audio Device(s)	XFi
Power Supply	750W

Processor	AMD Phenom II X2 550 @3600MHz (VCore -0.05V)
Motherboard	Gigabyte MA-780G-DS3H (AMD SB700), BIOS: 04/14/09
Cooling	Scythe Samurai cooled by 2x Enermax Warp 80mm ~700 RPM
Memory	2x 1GB GeIL Ultra DDR2-800 @1066 CL4-5-5-15 2T
Video Card(s)	MSI R4830 OC (HD4830)
Storage	Samsung 400 GB S-ATA, WD 400GB S-ATA
Display(s)	Samsung 2433BW 1920 x 1200 Pixel (16:10)
Case	timeless office tower ;)
Audio Device(s)	Asus Xonar D1
Power Supply	be quiet! Straight Power BQT E7-400W
Software	Windows XP Pro 32bit

System Name	The ClusterF**k
Processor	980X @ 4Ghz
Motherboard	Gigabyte GA-EX58-UD5 BIOS F12
Cooling	MCR-320, DDC-1 pump w/Bitspower res top (1/2" fittings), Koolance CPU-360
Memory	3x2GB Mushkin Redlines 1600Mhz 6-8-6-24 1T
Video Card(s)	Evga GTX 580
Storage	Corsair Neutron GTX 240GB, 2xSeagate 320GB RAID0; 2xSeagate 3TB; 2xSamsung 2TB; Samsung 1.5TB
Display(s)	HP LP2475w 24" 1920x1200 IPS
Case	Technofront Bench Station
Audio Device(s)	Auzentech X-Fi Forte into Onkyo SR606 and Polk TSi200's + RM6750
Power Supply	ENERMAX Galaxy EVO EGX1250EWT 1250W
Software	Win7 Ultimate N x64, OSX 10.8.4

System Name	AM5
Processor	AMD Ryzen R9 7950X
Motherboard	Asrock X670E Taichi
Cooling	EK AIO Basic 360
Memory	Corsair Vengeance DDR5 5600 64 Gb - XMP1 Profile
Video Card(s)	AMD Reference 7900 XTX 24 Gb
Storage	Crucial Gen 5 1 TB, Samsung Gen 4 980 1 TB / Samsung 8TB SSD
Display(s)	Samsung 34" 240hz 4K
Case	Fractal Define R7
Power Supply	Seasonic PRIME PX-1300, 1300W 80+ Platinum, Full Modular

Zero-Day Exploit for Apple QuickTime Posted

malware

New Member

Dangle

New Member

peach1971

Wile E

Power User

Ravenas

peach1971

tomkaten

1c3d0g

panchoman

Sold my stars!

System Name	My Box
Processor	Core I7 4790
Motherboard	Asrock Z97 Anniversary
Cooling	Alpenfohn Ben Nevis
Memory	16 GB DDR3 1600, Dual channel
Video Card(s)	Zotac GeForce GTX 970 AMP! Omega Core Edition
Storage	SSD OCZ Arc 120 GB, WD Blue 1 TB, WD Blue 1 TB
Display(s)	HP Pavilion 27xi IPS LED Backlit
Case	Phanteks Enthoo Pro
Audio Device(s)	Onboard + Sabre 24/96 DAC
Power Supply	LDLC XT-650P 80+ Platinum
Mouse	A4 Tech Basic
Keyboard	Microsoft Comfort Curve
Software	Win 10 Pro X64

Processor	Amd Athlon X2 4600+ Windsor(90nm) EE(65W) @2.9-3.0 @1.45
Motherboard	Biostar Tforce [Nvidia] 550
Cooling	Thermaltake Blue Orb-- bunch of other fans here and there....
Memory	2 gigs (2x1gb) of patriot ddr2 800 @ 4-4-4-12-2t
Video Card(s)	Sapphire X1950pro Pci-E x16 @stock@stock on stock
Storage	Seagate 7200.11 250gb Drive, WD raptors (30/40) in Raid 0
Display(s)	ANCIENT 15" sony lcd, bought it when it was like 500 bucks
Case	Apevia X-plorer blue/black
Audio Device(s)	Onboard- Why get an sound card when you can hum??
Power Supply	Antec NeoHe 550-manufactured by seasonic -replacement to the discontinued smart power series
Software	Windows XP pro SP2 -- vista is still crap