by pdp

A remote vulnerability exists in the QuickTime player for Windows XP and Vista (latest service packs). Other versions are believed to be affected as well. For now, no details will be released regarding the method of exploitation.

An attacker could exploit the vulnerability by constructing a specially crafted QuickTime-supported media file that allows remote code execution if a user visits a malicious Web site, opens a specially crafted attachment in e-mail, or opens a maliciously crafted media file from the desktop. The vulnerability was successfully tested on Windows XP SP2 and Windows Vista SP1 environments. Other versions are believed to be exploitable as well. The vulnerability is currently held private. The GNUCITIZEN team is following responsible disclosure practices; therefore, the vulnerability details will be privately disclosed to the vendor in a short period of time. This advisory is meant to inform the public and raise general awareness.

The video above demonstrates the issue on Windows Vista and Windows XP. The Windows Vista demo is rather slow because it runs from a 512MB VMware machine.