Security News

Apple QuickTime M-JPEG Heap Buffer Overflow (July 5, 2013)

By

QuickTime is an extensible proprietary multimedia framework developed by Apple Inc. It is capable of handling various formats of digital video, picture, sound, panoramic images, and interactivity. QuickTime is integrated with Mac OS X, and it also supports Microsoft Windows.

A QuickTime movie file is a container file that can store both media metadata and media content in atoms (the basic data unit). One of the supported media contents is the Motion JPEG. Motion JPEG (M-JPEG or MJPEG) is a video format in which each video frame or interlaced field of a digital video sequence is compressed separately as a JPEG image.

A heap buffer overflow vulnerability exists in Apple QuickTime. Specifically, the vulnerability is due to insufficient validation while handling M-JPEG data in a movie file. A remote attacker can exploit this vulnerability by enticing a user to open a crafted movie file using Apple QuickTime. Successful exploitation could lead to arbitrary code execution in the security context of the logged-in user.

The vulnerability has been assigned as CVE-2013-1020.

Dell SonicWALL has released an IPS signature to detect and block specific exploitation attempts targeting this vulnerability. The signature is listed below:

  • 9960 Apple QuickTime Movie File Memory Corruption
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
RecJS: a Multi-Component Malware hides behind JavaScript.
Netgear ProSAFE NMS300 SQLi Vulnerability
NetGain Systems Enterprise Manager TFTP Vulnerability
WordPress Mobile App Native Plugin Vulnerability Leads to Web Site PWNage (Mar 03, 2017)
Malware switches users Bank Account Number with that of the attacker (October 25, 2013)
Ivanti Authentication Bypass Vulnerability
XP Internet Security 2012. FakeAV trend continues. (Jul 14, 2011)
A look at PartyTicket Ransomware targeting Ukrainian systems