QuickTime gerät regelmässig mit Sicherheitslücken in die Schlagzeilen. Mit Datum von gestern wurde erneut eine QuickTime-Sicherheitslücke publiziert; deren Entdecker Luigi Auriemma schreibt dazu unter anderem …
The problem is a buffer-overflow which happens during the filling of the LCD-like screen containing info about the status of the connection. The copying instruction is visible starting at offset 0×6761d559, the return address can be overwritten completely by the 4 bytes at offset 1926 of the error message, only NULL and carriage-return/line-feed chars are not allowed to use and after the exploitation EAX will point to the same offset where is located the data which overwrote the return address (so EAX + 4 points to the shellcode).