CVE-2012-3752

Related Files

Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow

Posted Nov 26, 2012

Authored by juan vazquez, Arezou Hosseinzad-Amirkhizi | Site metasploit.com

This Metasploit module exploits a vulnerability found in Apple QuickTime. When handling a TeXML file, it is possible to trigger a stack-based buffer overflow, and then gain arbitrary code execution under the context of the user. This is due to the QuickTime3GPP.gtx component not handling certain Style subfields properly, as the font-table field, which is used to trigger the overflow in this module. Because of QuickTime restrictions when handling font-table fields, only 0x31-0x39 bytes can be used to overflow, so at the moment DEP/ASLR bypass hasn't been provided. The module has been tested successfully on IE6 and IE7 browsers (Windows XP and Vista).

tags | exploit, overflow, arbitrary, code execution

systems | windows, apple

advisories | CVE-2012-3752, OSVDB-87087

SHA-256 | ddda9ef400d14cabdbdf2f3208a25c3493b5c17111bbffef64ec3fb342b45d9d

Download | Favorite | View

Apple Security Advisory 2012-11-07-1

Posted Nov 8, 2012

Authored by Apple | Site apple.com

Apple Security Advisory 2012-11-07-1 - QuickTime version 7.7.3 is now available and addresses multiple buffer overflows, memory corruption, and use after free vulnerabilities.

tags | advisory, overflow, vulnerability

systems | apple

advisories | CVE-2011-1374, CVE-2012-3751, CVE-2012-3752, CVE-2012-3753, CVE-2012-3754, CVE-2012-3755, CVE-2012-3756, CVE-2012-3757, CVE-2012-3758

SHA-256 | 95366d789e2d5c28d406a06fd1ca4fc0cb19baf1959db6188a58334716e79283

Download | Favorite | View