CVE-2008-4116

Apple iTunes and QuickTime - Heap-Based Buffer Overflow via Long Type Attribute in QuickTime Tag

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-4116. PoCs published by securfrog.

AI-analyzed exploit summary This exploit demonstrates a heap overflow vulnerability in QuickTime 7.5.5 and iTunes 8.0 by crafting a malicious MOV file with an overly long string in the '<? quicktime type= ?>' tag, leading to a crash. Code execution is noted as possible but not explicitly demonstrated in this PoC.

Description

Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow.

Exploits (1)

exploitdb WORKING POC VERIFIED

by securfrog · perldosmultiple

https://www.exploit-db.com/exploits/6471

View Code ZIP pw:eip

This exploit demonstrates a heap overflow vulnerability in QuickTime 7.5.5 and iTunes 8.0 by crafting a malicious MOV file with an overly long string in the '<? quicktime type= ?>' tag, leading to a crash. Code execution is noted as possible but not explicitly demonstrated in this PoC.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: QuickTime 7.5.5, iTunes 8.0

No auth needed

Prerequisites: Victim must open the malicious MOV file in QuickTime or iTunes, or visit a webpage embedding the malicious content

MITRE ATT&CK