-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2012.1068
                              QuickTime 7.7.3
                              8 November 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          QuickTime
Publisher:        Apple
Operating System: Windows
Impact/Access:    Execute Arbitrary Code/Commands -- Remote with User Interaction
                  Denial of Service               -- Remote with User Interaction
Resolution:       Patch/Upgrade
CVE Names:        CVE-2012-3758 CVE-2012-3757 CVE-2012-3756
                  CVE-2012-3755 CVE-2012-3754 CVE-2012-3753
                  CVE-2012-3752 CVE-2012-3751 CVE-2011-1374

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2012-11-07-1 QuickTime 7.7.3

QuickTime 7.7.3 is now available and addresses the following:

QuickTime
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  Viewing a maliciously crafted PICT file may lead to an
unexpected application termination or arbitrary code execution
Description:  A buffer overflow existed in the handling of REGION
records in PICT files. This issue was addressed through improved
bounds checking.
CVE-ID
CVE-2011-1374 : Mark Yason of the IBM X-Force

QuickTime
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  Viewing a maliciously crafted PICT file may lead to an
unexpected application termination or arbitrary code execution
Description:  A memory corruption issue existed in the handling of
PICT files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2012-3757 : Jeremy Brown at Microsoft and Microsoft Vulnerability
Research (MSVR)

QuickTime
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  A use after free issue existed in the QuickTime
plugin's handling of '_qtactivex_' parameters within an HTML object
element. This issue was addressed through improved memory handling.
CVE-ID
CVE-2012-3751 : chkr_d591 working with iDefense VCP

QuickTime
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  Viewing a maliciously crafted QuickTime TeXML file may lead
to an unexpected application termination or arbitrary code execution
Description:  A buffer overflow existed in the handling of the
transform attribute in text3GTrack elements. This issue was addressed
through improved bounds checking.
CVE-ID
CVE-2012-3758 : Alexander Gavrun working with HP TippingPoint's Zero
Day Initiative

QuickTime
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  Viewing a maliciously crafted QuickTime TeXML file may lead
to an unexpected application termination or arbitrary code execution
Description:  Multiple buffer overflows existed in the handling of
style elements in QuickTime TeXML files. These issues were addressed
through improved bounds checking.
CVE-ID
CVE-2012-3752 : Arezou Hosseinzad-Amirkhizi, Vulnerability Research
Team, TELUS Security Labs

QuickTime
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  A buffer overflow existed in the QuickTime plugin's
handling of MIME types. This issue was addressed through improved
bounds checking.
CVE-ID
CVE-2012-3753 : Pavel Polischouk, Vulnerability Research Team, TELUS
Security Labs

QuickTime
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  A use after free issue existed in the QuickTime ActiveX
control's handling of the Clear() method. This issue was addressed
through improved memory management.
CVE-ID
CVE-2012-3754 : CHkr_d591 working with iDefense VCP

QuickTime
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  Viewing a maliciously crafted Targa file may lead to an
unexpected application termination or arbitrary code execution
Description:  A buffer overflow existed in the handling of Targa
image files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2012-3755 : Senator of Pirates

QuickTime
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description:  A buffer overflow existed in the handling of 'rnet'
boxes in MP4 files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2012-3756 : Kevin Szkudlapski of QuarksLab
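
The fix for the 'rnet' entry above is described only as "improved bounds checking". As an added illustration (example code written for this bulletin, not Apple's or QuickTime's, and making no claim about the actual defect), the following walker validates each ISO BMFF/MP4 box size against the data remaining in the buffer before the payload is touched; the box header layout is the standard one, the sample byte arrays are constructed, and 'rnet' is only counted.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical example, not QuickTime code: walk the top-level ISO BMFF
 * (MP4) boxes in a buffer, checking each size field before trusting it.
 * Box header: 32-bit big-endian size + 4-byte type; size 1 means a 64-bit
 * largesize follows, size 0 means "to end of data". 'rnet' is only
 * counted; nothing is assumed about its payload. */

static uint64_t be_read(const uint8_t *p, int n) {      /* big-endian, n = 4 or 8 */
    uint64_t v = 0;
    for (int i = 0; i < n; i++) v = (v << 8) | p[i];
    return v;
}

/* Returns the number of boxes, or -1 if any size field does not fit the
 * data it sits in. *rnet receives the count of boxes of type 'rnet'. */
int walk_boxes(const uint8_t *buf, size_t len, int *rnet) {
    size_t off = 0;
    int boxes = 0;
    *rnet = 0;
    while (off < len) {
        size_t remaining = len - off, hdr = 8;
        if (remaining < hdr) return -1;                 /* truncated header */
        uint64_t size = be_read(buf + off, 4);
        if (size == 1) {                                /* largesize variant */
            hdr = 16;
            if (remaining < hdr) return -1;
            size = be_read(buf + off + 8, 8);
        } else if (size == 0) {
            size = remaining;                           /* runs to end of data */
        }
        /* The checks a naive parser omits: a size below the header length
         * wraps the payload length; a size beyond what is left walks off
         * the buffer. Either way stop before reading the payload. */
        if (size < hdr || size > remaining) return -1;
        if (memcmp(buf + off + 4, "rnet", 4) == 0) (*rnet)++;
        off += (size_t)size;          /* payload: buf+off+hdr, size-hdr bytes */
        boxes++;
    }
    return boxes;
}

/* Constructed sample inputs, not real files. */
static const uint8_t good_mp4[] = {
    0,0,0,16, 'f','t','y','p', 'm','p','4','2', 0,0,0,0,  /* 16-byte ftyp  */
    0,0,0,12, 'r','n','e','t', 1,2,3,4,                  /* 12-byte rnet  */
    0,0,0,0,  'f','r','e','e', 5,6,7,8 };                /* size 0: to end */
static const uint8_t oversized[]  = { 0x7f,0xff,0xff,0xff, 'r','n','e','t', 0,0,0,0 };
static const uint8_t undersized[] = { 0,0,0,4, 'r','n','e','t' };
```

On good_mp4 the walker returns 3 boxes with one 'rnet'; on oversized (size far beyond the 12 bytes present) and undersized (size 4, smaller than its own header) it returns -1 instead of computing a payload length from the bogus field.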


QuickTime 7.7.3 may be obtained from the QuickTime Downloads site:
http://www.apple.com/quicktime/download/

The download file is named: "QuickTimeInstaller.exe"
Its SHA-1 digest is: 3123713755c0705babacf186f5c3571204ee3ae7

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----