1337day-Exploits Posted November 28, 2012 Share Posted November 28, 2012 PacketStorm-Security Acaba de publicar lo siguiente: This is the hidden content, please Sign In or Sign Up ;) This Metasploit module exploits a vulnerability found in Apple QuickTime. When handling a TeXML file, it is possible to trigger a stack-based buffer overflow, and then gain arbitrary code execution under the context of the user. This is due to the QuickTime3GPP.gtx component not handling certain Style subfields properly, as the font-table field, which is used to trigger the overflow in this module. Because of QuickTime restrictions when handling font-table fields, only 0x31-0x39 bytes can be used to overflow, so at the moment DEP/ASLR bypass hasn't been provided. The module has been tested successfully on IE6 and IE7 browsers (Windows XP and Vista). This is the hidden content, please Sign In or Sign Up 26/11/2012 16:25 Link to comment Share on other sites More sharing options...
Recommended Posts