OSVDB ID: 48031

Title: Apple QuickTime CallComponentFunctionWithStorage Function Movie File Handling Arbitrary Code Execution

Info

Disclosure

Sep 09, 2008

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Classification

Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Private
Disclosure: Vendor Verified

Solution

Upgrade to version 7.7.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

Security Tracker: 1020841
CVE ID: 2008-3626 (see also: NVD)
Bugtraq ID: 31086
Secunia Advisory ID: 31821 32121
Related OSVDB ID: 48027 48028 48029 48030 48032 48033 48034 48035 48038
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2008-09/0108.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00000.html
Vendor Specific Advisory URL: http://lists.apple.com/archives/security-announce/2008/Oct/msg00000.html
Vendor Specific News/Changelog Entry: http://support.apple.com/kb/HT3027
Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-08-059/

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/48031