Zero-Day Exploit For Apple's QuickTime Posted
An Italian security researcher has posted a proof-of-concept exploit for a zero-day vulnerability in the most current version of Apple's QuickTime media software (7.3.1).
Luigi Auriemma, noted among other things for discovering a vulnerability in the Unreal Engine in 2004, on Thursday posted details about producing a buffer overflow error in QuickTime. Buffer overflows can often be exploited by attackers to compromise the affected system.
"The bug is a buffer-overflow and the return address can be fully overwritten so a malicious attacker could use it for executing malicious code on the victim," Auriemma said in an e-mail.
According to Auriemma, the vulnerability affects both Windows and Mac OS X versions of Apple's QuickTime software. But other researchers have been unable to successfully use the exploit on Mac OS X and have suggested that the flaw may lie in code specific to Windows.
In his description of the exploit, Auriemma explains that when QuickTime encounters a Real-Time Streaming Protocol (rtsp://) link and port 554 of the server is closed, the application will switch to the HTTP protocol on port 80. The server then sends a long HTTP error message, so long that it causes the buffer to overflow. This allows the attacker to take control of the affected system.
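An added example, not from the article or from Auriemma's advisory: a bounded way for a client to copy the server-supplied error text described above, rejecting it when it is longer than the destination. It assumes the "error message" is the reason phrase of the HTTP status line and uses a hypothetical 128-byte buffer (`REASON_MAX`); `parse_status_line` and `parse_with_reason_len` are names made up for this sketch.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define REASON_MAX 128 /* assumed buffer size; the page gives no real value */

/* Parse "HTTP/1.x NNN reason" and copy the reason text into out.
 * Returns the status code, -1 for a malformed line, or -2 when the
 * server-supplied text does not fit (nothing is written past outsz). */
int parse_status_line(const char *line, char *out, size_t outsz)
{
    if (outsz == 0) return -1;
    out[0] = '\0';
    if (strncmp(line, "HTTP/1.", 7) != 0 ||
        !isdigit((unsigned char)line[7]) || line[8] != ' ')
        return -1;
    const char *p = line + 9;
    for (int i = 0; i < 3; i++)
        if (!isdigit((unsigned char)p[i])) return -1;
    int code = (p[0] - '0') * 100 + (p[1] - '0') * 10 + (p[2] - '0');
    p += 3;
    if (*p == ' ') p++;
    else if (*p != '\0' && *p != '\r' && *p != '\n') return -1;
    size_t len = strcspn(p, "\r\n");
    /* An unchecked strcpy(out, p) here would let the server pick the length. */
    if (len >= outsz) return -2;
    memcpy(out, p, len);
    out[len] = '\0';
    return code;
}

/* Constructed input: a 404 whose reason text is reason_len filler bytes. */
int parse_with_reason_len(size_t reason_len, char *out, size_t outsz)
{
    static char line[4096];
    if (reason_len > sizeof line - 16) return -1;
    int n = snprintf(line, sizeof line, "HTTP/1.1 404 ");
    memset(line + n, 'A', reason_len);
    memcpy(line + n + reason_len, "\r\n", 3);
    return parse_status_line(line, out, outsz);
}

int main(void)
{
    char reason[REASON_MAX];
    printf("%d\n", parse_status_line("HTTP/1.1 404 Not Found\r\n", reason, sizeof reason));
    printf("%d\n", parse_with_reason_len(2000, reason, sizeof reason));
    return 0;
}
```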
Exploit is available at milw0rm - http://www.milw0rm.com/exploits/4885
During my tests I have been able to fully overwrite the return address. Anyway, note that the visible effects of the vulnerability could change during the usage of the debugger (in attaching mode everything is OK).