Two remote code execution vulnerabilities in Apple QuickTime
| Risk | Critical |
| Patch available | NO |
| Number of vulnerabilities | 2 |
| CVE-ID | N/A |
| CWE-ID | CWE-119 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
Apple QuickTime Client/Desktop applications / Multimedia software |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU5872
Risk: Critical
CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Red]
CVE-ID: N/A
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows remote attackers to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow when processing media files. A remote attacker can create a media file with specially crafted moov atom field, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
The vendor will not release a security patch. We recommend removing this software from your systems.
Apple QuickTime: 7.0
CPE2.3 External linkshttps://zerodayinitiative.com/advisories/ZDI-16-242/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Heap-based buffer overflow
EUVDB-ID: #VU5871
Risk: Critical
CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Red]
CVE-ID: N/A
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows remote attackers to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow when processing media files. A remote attacker can create a media file with specially crafted moov atom field, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
The vendor will not release a security patch. We recommend removing this software from your systems.
Vulnerable software versionsApple QuickTime: 7.0
CPE2.3 External linkshttps://zerodayinitiative.com/advisories/ZDI-16-241/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
