New QuickTime Flaw Bypasses ASLR, DEP
Trailrunner7 writes "A Spanish security researcher has discovered a new vulnerability in Apple's QuickTime software that can be used to bypass both ASLR and DEP on current versions of Windows and give an attacker control of a remote PC. The flaw apparently results from a parameter from an older version of QuickTime that was left in the code by mistake. It was discovered by Ruben Santamarta of Wintercore, who said the vulnerability can be exploited remotely via a malicious Web site. On a machine running Internet Explorer on Windows 7, Vista or XP with QuickTime 7.x or 6.x installed, the problem can be exploited by using a heap-spraying technique. In his explanation of the details of the vulnerability and the exploit for it, Santamarta said he believes the parameter at the heart of the problem simply was not cleared out of older versions of the QuickTime code. 'The QuickTime plugin is widely installed and exploitable through IE; ASLR and DEP are not effective in this case and we will likely see this in the wild,' said HD Moore, founder of the Metasploit Project."
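HD Moore's point that "ASLR and DEP are not effective in this case" comes down to how a module is built: a Windows DLL that was not linked with /DYNAMICBASE and /NXCOMPAT declares no ASLR or DEP opt-in in its PE header, so it is loaded at its fixed preferred base even on Vista and Windows 7, and that is the kind of component an administrator wants to find in a browser's plugin directory before an exploit does. The following checker is an added example, not code from the article, Wintercore or Metasploit; it reads only the PE header fields needed to report the two flags, and the sample module images it inspects are constructed inline (the function names `pe_mitigations`, `build_sample_pe` and `audit_modules` are this example's own).

```python
"""Report whether Windows PE modules opt into ASLR and DEP.

Added example (not from the article, Wintercore or Metasploit). It parses just
enough of the PE headers to read DllCharacteristics, the field where a module
declares /DYNAMICBASE (ASLR) and /NXCOMPAT (DEP) support. A module lacking the
flags is mapped at a fixed address and is exactly what lets an exploit sidestep
ASLR, regardless of the OS version.
"""
import struct

# Flag values from the PE/COFF specification (winnt.h).
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040  # /DYNAMICBASE: ASLR-compatible
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100     # /NXCOMPAT: DEP-compatible
IMAGE_FILE_DLL = 0x2000
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
DLLCHARACTERISTICS_OFFSET = 70  # same offset in PE32 and PE32+ optional headers


def pe_mitigations(data: bytes) -> dict:
    """Return the ASLR/DEP opt-in flags declared in a PE image's headers."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4
    _machine, _nsect, _ts, _sym, _nsym, opt_size, chars = struct.unpack_from(
        "<HHIIIHH", data, coff)
    if opt_size < DLLCHARACTERISTICS_OFFSET + 2:
        raise ValueError("optional header too short to carry DllCharacteristics")
    opt = coff + 20  # COFF file header is 20 bytes
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (PE32_MAGIC, PE32PLUS_MAGIC):
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dllchars = struct.unpack_from("<H", data, opt + DLLCHARACTERISTICS_OFFSET)[0]
    return {
        "is_dll": bool(chars & IMAGE_FILE_DLL),
        "pe32plus": magic == PE32PLUS_MAGIC,
        "aslr": bool(dllchars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "dep": bool(dllchars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
    }


def build_sample_pe(dllchars: int, pe32plus: bool = False) -> bytes:
    """Constructed minimal PE header (no sections), used as offline sample input."""
    opt_size = 240 if pe32plus else 224
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: PE signature follows DOS header
    machine = 0x8664 if pe32plus else 0x14C
    file_chars = IMAGE_FILE_DLL | 0x0002 | (0 if pe32plus else 0x0100)  # DLL | EXECUTABLE | 32BIT
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, opt_size, file_chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC if pe32plus else PE32_MAGIC)
    struct.pack_into("<H", opt, DLLCHARACTERISTICS_OFFSET, dllchars)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


def audit_modules(modules: dict) -> list:
    """Names of modules (name -> image bytes) that lack ASLR or DEP opt-in."""
    weak = []
    for name, data in modules.items():
        flags = pe_mitigations(data)
        if not (flags["aslr"] and flags["dep"]):
            weak.append(name)
    return weak


if __name__ == "__main__":
    # Constructed samples: one legacy-style module with no flags, one hardened.
    samples = {
        "legacy_plugin.dll": build_sample_pe(0),
        "hardened.dll": build_sample_pe(IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
                                        | IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
    }
    for name, data in samples.items():
        print(name, pe_mitigations(data))
    print("modules missing ASLR/DEP opt-in:", audit_modules(samples))
```

To audit a real plugin directory, read each `.dll` into bytes and pass the mapping to `audit_modules`. A missing flag is a strong signal but not a full verdict: DEP on Windows XP also depends on the system policy (OptIn by default) and on whether the host process opted in, and a module with the flags set can still be loaded without ASLR if any other module in the same process lacks it on older OS builds, so treat the report as a list of what to fix, not proof of safety.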
Why in God's name would you need any ports other than 80 open?
The only thing you people connect to is *apple.com for your daily dose of Jobsology.
Is QuickTime really that bad?
YES YES YES JESUS FUCKING CHRIST FOR THE LOVE OF GOD YES!
Do MP3s cause my system to crash/hang/consume ginormous resources just for the sake of existing? No! Why not? Because it's a fucking codec. But with Quicktime, you've got to have a fucking Control Panel extension. For what? What in the hell could possibly necessitate a separate, specific control panel extension?
And the installer? ~30 Megs of what exactly? I could load every popular and not-very-popular codec on my computer, mkv splitters, ac3 decoders, all kinds of useless crap, and it wouldn't take half the space that Quicktime requires. Again... FOR WHAT? Did Apple write the installer in JavaScript?
Quicktime and iTunes are a JOKE. A sick, twisted, D-minus-in-any-programming-class joke.