Apple QuickTime多个文件拒绝服务漏洞

漏洞起因
异常条件处理失败错误

影响系统
Apple QuickTime Player 7.6.2
Apple QuickTime Player 7.6.1
Apple QuickTime Player 7.5.5
+ Apple Mac OS X 10.4.9
+ Apple Mac OS X 10.3.9
+ Apple Mac OS X 10.5
+ Apple Mac OS X Server 10.4.9
+ Apple Mac OS X Server 10.3.9
+ Apple Mac OS X Server 10.5
Apple QuickTime Player 7.4.5
+ Apple Mac OS X 10.4.9
+ Apple Mac OS X 10.3.9
+ Apple Mac OS X 10.5
+ Apple Mac OS X Server 10.4.9
+ Apple Mac OS X Server 10.3.9
+ Apple Mac OS X Server 10.5
Apple QuickTime Player 7.4.1
Apple QuickTime Player 7.3.1 .70
Apple QuickTime Player 7.3.1
Apple QuickTime Player 7.1.6
Apple QuickTime Player 7.1.5
Apple QuickTime Player 7.1.4
Apple QuickTime Player 7.1.3
Apple QuickTime Player 7.1.2
Apple QuickTime Player 7.1.1
Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.0
Apple QuickTime Player 6.5.2
Apple QuickTime Player 6.5.1
Apple QuickTime Player 6.5
Apple QuickTime Player 6.1
Apple QuickTime Player 7.6
Apple QuickTime Player 7.5
Apple QuickTime Player 7.4
Apple QuickTime Player 7.4
Apple QuickTime Player 7.3
Apple QuickTime Player 7.2
Apple QuickTime Player 7.1
Apple QuickTime Player 6.4
– Apple Mac OS 9 9.2.2
– Apple Mac OS 9 9.2.1
– Apple Mac OS 9 9.2
– Apple Mac OS 9 9.1
– Apple Mac OS 9 9.0.4
– Apple Mac OS 9 9.0
– Apple Mac OS X 10.1.5
– Apple Mac OS X 10.1.4
– Apple Mac OS X 10.1.3
– Apple Mac OS X 10.1.2
– Apple Mac OS X 10.1.1
– Apple Mac OS X 10.1
– Apple Mac OS X 10.1
– Apple Mac OS X 10.0.4
– Apple Mac OS X 10.0.3
– Apple Mac OS X 10.0.2
– Apple Mac OS X 10.0.1
– Apple Mac OS X 10.0
– Microsoft Windows 2000 Advanced Server SP2
– Microsoft Windows 2000 Advanced Server SP1
– Microsoft Windows 2000 Advanced Server
– Microsoft Windows 2000 Datacenter Server SP2
– Microsoft Windows 2000 Datacenter Server SP1
– Microsoft Windows 2000 Datacenter Server
– Microsoft Windows 2000 Professional SP2
– Microsoft Windows 2000 Professional SP1
– Microsoft Windows 2000 Professional
– Microsoft Windows 2000 Server SP2
– Microsoft Windows 2000 Server SP1
– Microsoft Windows 2000 Server
– Microsoft Windows 2000 Terminal Services SP2
– Microsoft Windows 2000 Terminal Services SP1
– Microsoft Windows 2000 Terminal Services
– Microsoft Windows 95 SR2
– Microsoft Windows 95
– Microsoft Windows 98
– Microsoft Windows 98SE
– Microsoft Windows ME
– Microsoft Windows NT Enterprise Server 4.0 SP6a
– Microsoft Windows NT Enterprise Server 4.0 SP6
– Microsoft Windows NT Enterprise Server 4.0 SP5
– Microsoft Windows NT Enterprise Server 4.0 SP4
– Microsoft Windows NT Enterprise Server 4.0 SP3
– Microsoft Windows NT Enterprise Server 4.0 SP2
– Microsoft Windows NT Enterprise Server 4.0 SP1
– Microsoft Windows NT Enterprise Server 4.0
– Microsoft Windows NT Server 4.0 SP6a
– Microsoft Windows NT Server 4.0 SP6
– Microsoft Windows NT Server 4.0 SP5
– Microsoft Windows NT Server 4.0 SP4
– Microsoft Windows NT Server 4.0 SP3
– Microsoft Windows NT Server 4.0 SP2
– Microsoft Windows NT Server 4.0 SP1
– Microsoft Windows NT Server 4.0
– Microsoft Windows NT Terminal Server 4.0 SP6a
– Microsoft Windows NT Terminal Server 4.0 SP6
– Microsoft Windows NT Terminal Server 4.0 SP5
– Microsoft Windows NT Terminal Server 4.0 SP4
– Microsoft Windows NT Terminal Server 4.0 SP3
– Microsoft Windows NT Terminal Server 4.0 SP2
– Microsoft Windows NT Terminal Server 4.0 SP1
– Microsoft Windows NT Terminal Server 4.0
– Microsoft Windows NT Workstation 4.0 SP6a
– Microsoft Windows NT Workstation 4.0 SP6
– Microsoft Windows NT Workstation 4.0 SP5
– Microsoft Windows NT Workstation 4.0 SP4
– Microsoft Windows NT Workstation 4.0 SP3
– Microsoft Windows NT Workstation 4.0 SP2
– Microsoft Windows NT Workstation 4.0 SP1
– Microsoft Windows NT Workstation 4.0
Apple QuickTime Player 6
– Apple Mac OS 9 9.2.2
– Apple Mac OS 9 9.2.2
– Apple Mac OS 9 9.2.1
– Apple Mac OS 9 9.2.1
– Apple Mac OS 9 9.2
– Apple Mac OS 9 9.2
– Apple Mac OS 9 9.1
– Apple Mac OS 9 9.1
– Apple Mac OS 9 9.0.4
– Apple Mac OS 9 9.0.4
– Apple Mac OS 9 9.0
– Apple Mac OS 9 9.0
– Apple Mac OS X 10.1.5
– Apple Mac OS X 10.1.4
– Apple Mac OS X 10.1.4
– Apple Mac OS X 10.1.3
– Apple Mac OS X 10.1.3
– Apple Mac OS X 10.1.2
– Apple Mac OS X 10.1.2
– Apple Mac OS X 10.1.1
– Apple Mac OS X 10.1.1
– Apple Mac OS X 10.1
– Apple Mac OS X 10.1
– Apple Mac OS X 10.1
– Apple Mac OS X 10.1
– Apple Mac OS X 10.0.4
– Apple Mac OS X 10.0.4
– Apple Mac OS X 10.0.3
– Apple Mac OS X 10.0.3
– Apple Mac OS X 10.0.2
– Apple Mac OS X 10.0.2
– Apple Mac OS X 10.0.1
– Apple Mac OS X 10.0.1
– Apple Mac OS X 10.0
– Apple Mac OS X 10.0
– Microsoft Windows 2000 Advanced Server SP2
– Microsoft Windows 2000 Advanced Server SP2
– Microsoft Windows 2000 Advanced Server SP1
– Microsoft Windows 2000 Advanced Server SP1
– Microsoft Windows 2000 Advanced Server
– Microsoft Windows 2000 Advanced Server
– Microsoft Windows 2000 Datacenter Server SP2
– Microsoft Windows 2000 Datacenter Server SP2
– Microsoft Windows 2000 Datacenter Server SP1
– Microsoft Windows 2000 Datacenter Server SP1
– Microsoft Windows 2000 Datacenter Server
– Microsoft Windows 2000 Datacenter Server
– Microsoft Windows 2000 Professional SP2
– Microsoft Windows 2000 Professional SP2
– Microsoft Windows 2000 Professional SP1
– Microsoft Windows 2000 Professional SP1
– Microsoft Windows 2000 Professional
– Microsoft Windows 2000 Professional
– Microsoft Windows 2000 Server SP2
– Microsoft Windows 2000 Server SP2
– Microsoft Windows 2000 Server SP1
– Microsoft Windows 2000 Server SP1
– Microsoft Windows 2000 Server
– Microsoft Windows 2000 Server
– Microsoft Windows 2000 Terminal Services SP2
– Microsoft Windows 2000 Terminal Services SP2
– Microsoft Windows 2000 Terminal Services SP1
– Microsoft Windows 2000 Terminal Services SP1
– Microsoft Windows 2000 Terminal Services
– Microsoft Windows 2000 Terminal Services
– Microsoft Windows 95 SR2
– Microsoft Windows 95 SR2
– Microsoft Windows 95
– Microsoft Windows 95
– Microsoft Windows 98
– Microsoft Windows 98
– Microsoft Windows 98SE
– Microsoft Windows 98SE
– Microsoft Windows ME
– Microsoft Windows ME
– Microsoft Windows NT Enterprise Server 4.0 SP6a
– Microsoft Windows NT Enterprise Server 4.0 SP6a
– Microsoft Windows NT Enterprise Server 4.0 SP6
– Microsoft Windows NT Enterprise Server 4.0 SP6
– Microsoft Windows NT Enterprise Server 4.0 SP5
– Microsoft Windows NT Enterprise Server 4.0 SP5
– Microsoft Windows NT Enterprise Server 4.0 SP4
– Microsoft Windows NT Enterprise Server 4.0 SP4
– Microsoft Windows NT Enterprise Server 4.0 SP3
– Microsoft Windows NT Enterprise Server 4.0 SP3
– Microsoft Windows NT Enterprise Server 4.0 SP2
– Microsoft Windows NT Enterprise Server 4.0 SP2
– Microsoft Windows NT Enterprise Server 4.0 SP1
– Microsoft Windows NT Enterprise Server 4.0 SP1
– Microsoft Windows NT Enterprise Server 4.0
– Microsoft Windows NT Enterprise Server 4.0
– Microsoft Windows NT Server 4.0 SP6a
– Microsoft Windows NT Server 4.0 SP6a
– Microsoft Windows NT Server 4.0 SP6
– Microsoft Windows NT Server 4.0 SP6
– Microsoft Windows NT Server 4.0 SP5
– Microsoft Windows NT Server 4.0 SP5
– Microsoft Windows NT Server 4.0 SP4
– Microsoft Windows NT Server 4.0 SP4
– Microsoft Windows NT Server 4.0 SP3
– Microsoft Windows NT Server 4.0 SP3
– Microsoft Windows NT Server 4.0 SP2
– Microsoft Windows NT Server 4.0 SP2
– Microsoft Windows NT Server 4.0 SP1
– Microsoft Windows NT Server 4.0 SP1
– Microsoft Windows NT Server 4.0
– Microsoft Windows NT Server 4.0
– Microsoft Windows NT Terminal Server 4.0 SP6a
– Microsoft Windows NT Terminal Server 4.0 SP6
– Microsoft Windows NT Terminal Server 4.0 SP6
– Microsoft Windows NT Terminal Server 4.0 SP5
– Microsoft Windows NT Terminal Server 4.0 SP5
– Microsoft Windows NT Terminal Server 4.0 SP4
– Microsoft Windows NT Terminal Server 4.0 SP4
– Microsoft Windows NT Terminal Server 4.0 SP3
– Microsoft Windows NT Terminal Server 4.0 SP3
– Microsoft Windows NT Terminal Server 4.0 SP2
– Microsoft Windows NT Terminal Server 4.0 SP2
– Microsoft Windows NT Terminal Server 4.0 SP1
– Microsoft Windows NT Terminal Server 4.0 SP1
– Microsoft Windows NT Terminal Server 4.0
– Microsoft Windows NT Terminal Server 4.0
– Microsoft Windows NT Workstation 4.0 SP6a
– Microsoft Windows NT Workstation 4.0 SP6a
– Microsoft Windows NT Workstation 4.0 SP6
– Microsoft Windows NT Workstation 4.0 SP6
– Microsoft Windows NT Workstation 4.0 SP5
– Microsoft Windows NT Workstation 4.0 SP5
– Microsoft Windows NT Workstation 4.0 SP4
– Microsoft Windows NT Workstation 4.0 SP4
– Microsoft Windows NT Workstation 4.0 SP3
– Microsoft Windows NT Workstation 4.0 SP3
– Microsoft Windows NT Workstation 4.0 SP2
– Microsoft Windows NT Workstation 4.0 SP2
– Microsoft Windows NT Workstation 4.0 SP1
– Microsoft Windows NT Workstation 4.0 SP1
– Microsoft Windows NT Workstation 4.0
– Microsoft Windows NT Workstation 4.0

不受影响系统

危害
远程攻击者可以利用漏洞导致应用程序崩溃。

攻击所需条件
攻击者必须构建恶意播放文件，诱使用户打开。

漏洞信息
Apple QuickTime是一款流行的媒体播放程序。
Apple QuickTime处理畸形’.mpg’和’.mov’文件存在安全问题，攻击者可以利用漏洞导致应用程序崩溃。

测试方法

厂商解决方案
目前没有解决方案提供：
http://www.apple.com/quicktime/

漏洞提供者
Jared DeMott

Sun Java System Access Manager CDC跨站脚本漏洞 →

ZeroBox Vulnerability Database

坚持！我们将做的更好！

Apple QuickTime多个文件拒绝服务漏洞

0 条评论。

发表评论