Apple QuickTime 7.7.2 targa image Buffer Overflow

2012.11.20

Credit: Senator of Pirates

Risk: High

Local: Yes

Remote: No

CVE: CVE-2012-3755

CWE: CWE-119

CVSS Base Score: 9.3/10

Impact Subscore: 10/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: Complete

Integrity impact: Complete

Availability impact: Complete

*Application : Apple QuickTime
Versions : <=  before 7.7.3
CVE : 2012-3755*
*Impact : 9.3 (High)*
*References* *:* *
http://lists.apple.com/archives/security-announce/2012/Nov/msg00002.html*
*Auther : Senator of Pirates*
*E-Mail : SenatorofPirates.team[at]gmail.com
FaceBook : /SenatorofPirates
                  **/SenatorofPiratesInfo
Greetz : To Morocco
 
-------------
*
 
*Vulnerability :
 
A buffer overflow vulnerability in QuickTime PictureViewer.exe and the
specific flaw exists within TGA file images encoded data, When encountering
an invalid encoded width field and can be result a heap-based buffer
overflow occur. And this vulnerability allows remote attackers to execute arbitrary code or
cause a denial of service (application crash) via a crafted Targa image. *
*
PoC :
 
http://www18.zippyshare.com/v/40547915/file.html

References:

http://www18.zippyshare.com/v/40547915/file.html

http://www.exploit-db.com/sploits/22855.tga

http://lists.apple.com/archives/security-announce/2012/Nov/msg00002.html

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Apple QuickTime 7.7.2 targa image Buffer Overflow

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.