Security hole found in QuickTime

 

Gallery

By Simon Aughton

Posted on 27 Nov 2007 at 09:27

A security researcher has discovered an "extremely critical" flaw in QuickTime for Windows XP.

QuickTime 7.3's handling of the Real Time Streaming Protocol (RTSP) can be exploited to compromise a user's system, says Krystian Kloskowski, who has developed, but not published an exploit.

The vulnerability is caused due to a boundary error when processing RTSP replies, which can be exploited to cause a stack-based buffer overflow, explains security firm, Secunia.

Successful exploitation allows execution of arbitrary code, though execution requires that the user is persuaded or tricked into opening a malicious QTL file or visiting a malicious website.

Kloskowski discovered the flaw in QuickTime Player 7.3 running on Windows XP SP2, but further investigation by Symantec reveals that the vulnerability is restricted to specific browsers, most notably Firefox - with Internet Explorer 6/7 and Safari 3 Beta the attack is prevented.

The US Computer Emergency Readiness Team (US-CERT) has published a number of workarounds that may help to prevent exploitation, though they may hamper normal computer usage.

Until Apple releases a fix, users are best advised to follow Secunia's advice and standard good practice: do not browse untrusted websites, follow untrusted links or open untrusted QTL files.