
QuickTime 7.1.3 fixes 6 security flaws

updated 03:00 pm EDT, Tue September 12, 2006

QuickTime 7.1.3 released


Apple today released QuickTime 7.1.3, offering several functionality improvements and fixing six security flaws. The update repairs issues in which maliciously crafted H.264 movies, QuickTime movies, FLC movies, FlashPix files, and SGI images could cause application crashes and/or result in arbitrary code execution. The QuickTime update requires Mac OS X 10.3.9 or later, and is available for free. [updated]

Apple has offered details on the security vulnerabilities fixed by QuickTime 7.1.3, offering credit to those companies and individuals who discovered and/or reported the issues.

By carefully crafting a corrupt H.264 movie, an attacker can trigger an integer overflow or buffer overflow which may lead to an application crash or arbitrary code execution with the privileges of the user. This update addresses the issue by performing additional validation of H.264 movies. Apple offers credit to Sowhat of Nevis Labs, Mike Price of McAfee AVERT Labs, and Piotr Bania of piotrbania.com for reporting these issues.

By carefully crafting a corrupt QuickTime movie, an attacker can trigger a buffer overflow which may lead to an application crash or arbitrary code execution with the privileges of the user. This update addresses the issue by performing additional validation of QuickTime movies. Apple offers credit to Mike Price of McAfee AVERT Labs for reporting this issue.

By carefully crafting a corrupt FLC movie, an attacker can trigger a heap buffer overflow which may lead to an application crash or arbitrary code execution with the privileges of the user. This update addresses the issue by performing additional validation of FLC movies. Apple offers credit to Ruben Santamarta of reversemode.com working with the iDefense VCP Program, and Mike Price of McAfee AVERT Labs for reporting this issue.

By carefully crafting a corrupt FlashPix file, an attacker can trigger an integer overflow or buffer overflow which may lead to an application crash or arbitrary code execution with the privileges of the user. This update addresses the issue by performing additional validation of FlashPix files. Apple offers credit to Mike Price of McAfee AVERT Labs for reporting this issue.

By carefully crafting a corrupt FlashPix file, an attacker can trigger an exception leaving an uninitialized object. This may lead to an application crash or arbitrary code execution with the privileges of the user. This update addresses the issue by performing additional validation of FlashPix files. Apple offers credit to Mike Price of McAfee AVERT Labs for reporting this issue.

By carefully crafting a corrupt SGI image, an attacker can trigger a buffer overflow which may lead to an application crash or arbitrary code execution with the privileges of the user. This update addresses the issue by performing additional validation of SGI image files. Apple offers credit to Mike Price of McAfee AVERT Labs for reporting this issue.
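The "integer overflow or buffer overflow" plus "additional validation" pattern that runs through the H.264, FlashPix and other fixes above is easiest to see in a length-field check. The following C is an added illustration, not Apple's QuickTime code: it assumes a simplified QuickTime-style atom layout (4-byte big-endian size counting the 8-byte header, then a 4-byte type tag) and ignores the extended-size and to-end-of-file special cases.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Simplified QuickTime-style atom: 4-byte big-endian size (which counts the
 * 8-byte header itself) followed by a 4-byte type tag, then the payload.
 * Assumption for this example: size == 0 (to end of file) and size == 1
 * (64-bit extended size) atoms are not handled. */
#define ATOM_HDR 8

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Vulnerable pattern: trusts the on-disk size. A size below 8 makes
 * `size - ATOM_HDR` wrap to a huge unsigned value, and a size larger than
 * the buffer walks past its end; either way later reads/writes go out of bounds. */
size_t atom_payload_len_unchecked(const uint8_t *buf, size_t buf_len) {
    (void)buf_len;                          /* never consulted: the bug */
    return (size_t)be32(buf) - ATOM_HDR;    /* wraps when size < 8 */
}

/* Hardened pattern ("additional validation"): reject any size smaller than
 * the header or larger than the bytes actually available before doing any
 * arithmetic with it. Returns false for a malformed atom. */
bool atom_payload_len_checked(const uint8_t *buf, size_t buf_len,
                              size_t *payload_len, char type[5]) {
    if (buf == NULL || buf_len < ATOM_HDR) return false;  /* header present? */
    uint32_t size = be32(buf);
    if (size < ATOM_HDR) return false;      /* would underflow size - 8 */
    if (size > buf_len) return false;       /* would overrun the buffer */
    memcpy(type, buf + 4, 4);
    type[4] = '\0';
    *payload_len = size - ATOM_HDR;         /* now in [0, buf_len - 8] */
    return true;
}

int main(void) {
    /* Constructed sample: a "moov" atom whose size field claims 4 bytes, less than its own header. */
    const uint8_t crafted[8] = {0, 0, 0, 4, 'm', 'o', 'o', 'v'};
    size_t n = 0; char t[5];
    printf("unchecked payload length: %zu\n", atom_payload_len_unchecked(crafted, sizeof crafted));
    printf("checked: %s\n", atom_payload_len_checked(crafted, sizeof crafted, &n, t) ? "accepted" : "rejected");
    return 0;
}
```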


by MacNN Staff
