lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4478B00B.8000309@comcast.net>
Date: Sat, 27 May 2006 16:01:15 -0400
From: John Richard Moser <nigelenki@...cast.net>
To: bugtraq@...urityfocus.com
Subject: Buffer overflow in QuickTime 7.0.4?


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


I'm not sure if this one is known but I see the last buffer overflows
show Quicktime 7.x vulnerable and suggest upgrading to 7.0.4*.

* http://docs.info.apple.com/article.html?artnum=303101

I was downloading Elephant's dream from
http://osaddict.com/files/Elephants_Dream_1024-h264-st-aac.mov on
Windows XP*, and started playing with scrolling past the end of the
movie.  This invariably crashes Firefox with the QuickTime player, etc etc.

* http://orange.blender.org/ QuickTime, H.264 / AAC Stereo 1024x576

So I opened the QuickTime Player itself, v7.0.4, and threw it forward to
half-way.  I get a dialog box claiming the Microsoft Visual C Runtime
detected a "buffer overflow," and immediately remember-- windows has
stack smash protection now, thanks to the MS Research Glepnir project
looking into StackGuard!  I know the basic concept-- canaries on the stack.

So apparently I threw QuickTime 7.0.4 into an overflow again?

The question here is, can anyone else reproduce this one?  I don't have
an exact environment or a file for you (it was downloading while it was
going), but just let the download go for a bit and start trying to open
it in QuickTime while it's downloading and scroll past the end.

- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

    Creative brains are a valuable, limited resource. They shouldn't be
    wasted on re-inventing the wheel when there are so many fascinating
    new problems waiting out there.
                                                 -- Eric Steven Raymond

    We will enslave their women, eat their children and rape their
    cattle!
                  -- Bosc, Evil alien overlord from the fifth dimension
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBRHiwCgs1xW0HCTEFAQLdjhAAjh+dcm6CWIpUBLewzQeYf3p+56UmAFAH
Q8O2WwXmU/E9HM5O4jz2cYbSYOLiWnGu32Oqf2qPFhiWh9XF/k7pNd4c+uEMUKaL
0+zMgyXZL8hsVqY90vKqWuFU1r20rbqfanrnZMbrdGP5ApeVbgTtYoJMfnIoy0ow
QqAHAwdtLpVYcFL1FJ/iM8smGYBI8B3pmMd/rmYTeY1bKmho5+3Ei0WQjDicZ2At
aNR6Nlzk/tv3vOJQxMxfXnRwlE1dfPGtWuzkSQK8EFwjEwWJSfkiRD68/PCUaowY
1ziqL3PMUaUVDJc3Cj9sNdpeUTErOfgcsHc06OjxKundp52nznZIG8zGVnPmdAwj
OptiIrCTxkTIhzQA5ZVeBVk0uKb9aSIJWq4oaYemvvsjoM+teVVu4oeGTdepodHA
w9KdKiuUbAmdQRlcXiFk8XvnFbatxs4sKPtnUjVx8Ti+LST6b0G6HjIvOr6hTGz6
bJbm2ln5tozRXsZhThEKIYuB4h/psrREoHTs5ft5cwJG2w3HoeGJL68xkXARfZLc
3K5czeY0AZ/g6q7YF3XdjTraA8a/aM0pChAwximQJPdKerhSaKKYKQI1rf3ajwXY
+I4O2//KDXWFZzgRNNEc2jjDGyo8e0eXz9xfmwPfwRq1KENwToUEOx4CH/EDIDZI
aYKIDtHGFZk=
=aJp3
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ