SonicWALL, Inc. a leading secure network infrastructure company, announced today that it has distributed defensive measures to users of its Unified Threat Management (UTM) technology against exploits of a zero-day vulnerability found within Apple's QuickTime media player. SonicWALL first issued signatures designed to protect its subscribers against this critical vulnerability on Tuesday, November 27.
A zero-day stack-based buffer overflow vulnerability in QuickTime, an audio/video application developed by Apple Computer, is currently being exploited by a malicious web site claiming to host a legitimate QuickTime movie. Using a newly published proof-of-concept exploit code, control of the visitor's machine can be taken over.
The problem lies within the 'Content-Type' header field sent by the server, which is not properly checked by the visitor's QuickTime application. When the length of the 'Content-Type' field exceeds a certain length, a Buffer Overflow condition occurs. By carefully constructing the string sent to the application, the malicious server can obtain user privileges on the visitor's machine.
Both Windows and Mac OS users are vulnerable to this exploit since Apple's QuickTime media player can be used on both PCs and Macintoshes. Apple iTunes installations are also affected by this vulnerability because QuickTime is a component of iTunes.
A zero-day stack-based buffer overflow vulnerability in QuickTime, an audio/video application developed by Apple Computer, is currently being exploited by a malicious web site claiming to host a legitimate QuickTime movie. Using a newly published proof-of-concept exploit code, control of the visitor's machine can be taken over.
The problem lies within the 'Content-Type' header field sent by the server, which is not properly checked by the visitor's QuickTime application. When the length of the 'Content-Type' field exceeds a certain length, a Buffer Overflow condition occurs. By carefully constructing the string sent to the application, the malicious server can obtain user privileges on the visitor's machine.
Both Windows and Mac OS users are vulnerable to this exploit since Apple's QuickTime media player can be used on both PCs and Macintoshes. Apple iTunes installations are also affected by this vulnerability because QuickTime is a component of iTunes.