Home > Exploits > Zero Day Exploit: Buffer-overflow in Quicktime Player

Zero Day Exploit: Buffer-overflow in Quicktime Player

After two QuickTime flaws and Quickspace worm last December, another vulnerability was discovered this month affecting both Windows and Mac users.

The zero day vulnerability was found when Quicktime encounters a RSTP (Real-Time Streaming Protocol) link ex. rstp:// and no custom port has been specified, it handles the call by scanning port 554. However, if port 554 server is closed, Quicktime automatically switch to HTTP protocol and scans port 80, where the server returns 404 error message. If the returned HTTP error message from the server is so long, QuickTime media link file does not know how to handle this message – because it lacks input validation, thus causes buffer overflow.

This vulnerability can be exploited by a malicious application or website, which then allows execution of arbitrary codes on the user’s system.

Luigi Auriemma, an italian security researcher has discovered this flaw and posted a bug report with proof-of-concept exploit code.

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: