Apple QuickTime M-JPEG Heap Buffer Overflow

July 5, 2013

QuickTime is an extensible proprietary multimedia framework developed by Apple Inc. It is capable of handling various formats of digital video, picture, sound, panoramic images, and interactivity. QuickTime is integrated with Mac OS X, and it also supports Microsoft Windows.

A QuickTime movie file is a container file that can store both media metadata and media content in atoms (the basic data unit). One of the supported media contents is the Motion JPEG. Motion JPEG (M-JPEG or MJPEG) is a video format in which each video frame or interlaced field of a digital video sequence is compressed separately as a JPEG image.

A heap buffer overflow vulnerability exists in Apple QuickTime. Specifically, the vulnerability is due to insufficient validation while handling M-JPEG data in a movie file. A remote attacker can exploit this vulnerability by enticing a user to open a crafted movie file using Apple QuickTime. Successful exploitation could lead to arbitrary code execution in the security context of the logged-in user.

The vulnerability has been assigned as CVE-2013-1020.

Dell SonicWALL has released an IPS signature to detect and block specific exploitation attempts targeting this vulnerability. The signature is listed below:

  • 9960 Apple QuickTime Movie File Memory Corruption