Preemptive Protection against Apple QuickTime PICT Image paintPoly Parsing Heap Buffer Overflow
| Check Point Reference: | CPAI-2009-095 | |
| Date Published: | ||
| Preemptive Since: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA35091 | |
| Industry Reference(s): | CVE-2009-0010 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Apple QuickTime prior to 7.6.2 | ||
| Vulnerability Description A buffer overflow vulnerability was reported in Apple QuickTime, a multimedia player that supports a wide range of media formats. Apple QuickTime fails to process crafted PICT images. Remote attackers may exploit this vulnerability by persuading a target user to open a specially crafted PICT file using the vulnerable products. Successful exploitation may lead to arbitrary code execution or terminate the application resulting in a denial of service condition. |
||
|
Update/Patch Available The vendor, Apple, has released an advisory addressing this vulnerability: http://support.apple.com/kb/HT3591 |
|
|
Vulnerability Details The flaw is due to improper processing of paintPoly record in PICT image file. An attacker can create a PICT image that once processed by a vulnerable QuickTime product will trigger the vulnerability. |
Protection Overview
IPS-1 has been preemptive against this vulnerability with a protection since June 2008. No update is requied. By enabling this protection, IPS-1 will detect and block PICT image files with malformed attributes.
To configure the defense, select your product from the list below and follow the related protection steps.