Sign-up

ID

VAR-200802-0509


CVE

CVE-2008-0778


TITLE

Apple QuickTime for QTPlugin.ocx Vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2008-002725

DESCRIPTION

Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods. (1) SetBgColor Overly long arguments to methods (2) SetHREF Overly long arguments to methods (3) SetMovieName Overly long arguments to methods (4) SetTarget Overly long arguments to methods (5) SetMatrix Overly long arguments to methods. Apple QuickTime 'QTPlugin.ocx' ActiveX control is prone to multiple buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. Failed exploit attempts will result in a denial-of-service condition. These issues affect QuickTime 7.4.1 and prior versions. Apple QuickTime is a very popular multimedia player. A remote attacker could exploit this vulnerability to take control of a user's system. The QTPlugin.ocx ActiveX control does not correctly verify the input to the SetBgColor, SetHREF, SetMovieName, SetTarget, and SetMatrix functions. If the user is tricked into visiting a malicious web page and passing a long string to these functions, it may trigger a stack overflow, resulting in execution Arbitrary instructions

Trust: 1.98

sources: NVD: CVE-2008-0778 // JVNDB: JVNDB-2008-002725 // BID: 27769 // VULHUB: VHN-30903

AFFECTED PRODUCTS

vendor:applemodel:quicktimescope:lteversion:7.4.1

Trust: 1.8

vendor:applemodel:quicktimescope:eqversion:7.4.1

Trust: 0.6

vendor:applemodel:quicktime playerscope:eqversion:7.4.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.3.1.70

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.3.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.6

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.5

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.4

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.3

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.4

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.3

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.4

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.3

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:neversion:7.4.5

Trust: 0.3

sources: BID: 27769 // JVNDB: JVNDB-2008-002725 // CNNVD: CNNVD-200802-288 // NVD: CVE-2008-0778

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-0778
value: HIGH

Trust: 1.0

NVD: CVE-2008-0778
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200802-288
value: HIGH

Trust: 0.6

VULHUB: VHN-30903
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-0778
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-30903
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-30903 // JVNDB: JVNDB-2008-002725 // CNNVD: CNNVD-200802-288 // NVD: CVE-2008-0778

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-30903 // JVNDB: JVNDB-2008-002725 // NVD: CVE-2008-0778

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200802-288

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200802-288

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-002725

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-30903

PATCH
title:Top Pageurl:http://www.apple.com/quicktime/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-002725

EXTERNAL IDS
db:NVDid:CVE-2008-0778
Trust: 2.8
db:BIDid:27769
Trust: 2.0
db:EXPLOIT-DBid:5110
Trust: 1.7
db:SREASONid:3652
Trust: 1.7
db:JVNDBid:JVNDB-2008-002725
Trust: 0.8
db:CNNVDid:CNNVD-200802-288
Trust: 0.7
db:MILW0RMid:5110
Trust: 0.6
db:BUGTRAQid:20080212 QUICKTIME <= 7.4.1 QTPLUGIN.OCX MULTIPLE REMOTE STACK OVERFLOW
Trust: 0.6
db:XFid:40475
Trust: 0.6
db:VULHUBid:VHN-30903
Trust: 0.1
sources:
            
            
            VULHUB: VHN-30903 // 
            
            
            
            BID: 27769 // 
            
            
            
            JVNDB: JVNDB-2008-002725 // 
            
            
            
            CNNVD: CNNVD-200802-288 // 
            
            
            
            NVD: CVE-2008-0778

REFERENCES
url:http://www.securityfocus.com/bid/27769
Trust: 1.7
url:http://securityreason.com/securityalert/3652
Trust: 1.7
url:http://www.securityfocus.com/archive/1/488045/100/0/threaded
Trust: 1.1
url:https://www.exploit-db.com/exploits/5110
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/40475
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0778
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0778
Trust: 0.8
url:http://www.securityfocus.com/archive/1/archive/1/488045/100/0/threaded
Trust: 0.6
url:http://www.milw0rm.com/exploits/5110
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/40475
Trust: 0.6
url:http://www.apple.com/quicktime/
Trust: 0.3
url:http://support.microsoft.com/kb/240797
Trust: 0.3
url:/archive/1/488045
Trust: 0.3
sources:
            
            
            VULHUB: VHN-30903 // 
            
            
            
            BID: 27769 // 
            
            
            
            JVNDB: JVNDB-2008-002725 // 
            
            
            
            CNNVD: CNNVD-200802-288 // 
            
            
            
            NVD: CVE-2008-0778

CREDITS
laurent gaffie※ laurent.gaffie@gmail.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200802-288

SOURCES
db:VULHUBid:VHN-30903
db:BIDid:27769
db:JVNDBid:JVNDB-2008-002725
db:CNNVDid:CNNVD-200802-288
db:NVDid:CVE-2008-0778

LAST UPDATE DATE
2025-04-10T23:13:06.313000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-30903date:2018-10-15T00:00:00
db:BIDid:27769date:2015-05-07T17:32:00
db:JVNDBid:JVNDB-2008-002725date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200802-288date:2008-09-05T00:00:00
db:NVDid:CVE-2008-0778date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-30903date:2008-02-14T00:00:00
db:BIDid:27769date:2008-02-12T00:00:00
db:JVNDBid:JVNDB-2008-002725date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200802-288date:2008-02-14T00:00:00
db:NVDid:CVE-2008-0778date:2008-02-14T12:00:00