dear zdi,<div><br></div><div>please instruct n3td3v on your process. oh sorry you already have in every email alert that you send!</div><div><br></div><div>"Researchers interested in getting paid for their security research<br>
through the ZDI can find more information and sign-up at:<br><br> <a href="http://www.zerodayinitiative.com" target="_blank">http://www.zerodayinitiative.com</a><br><br>The ZDI is unique in how the acquired vulnerability information is<br>
used. TippingPoint does not re-sell the vulnerability details or any<br>exploit code. Instead, upon notifying the affected product vendor,<br>TippingPoint provides its customers with zero day protection through<br>its intrusion prevention technology. Explicit details regarding the<br>
specifics of the vulnerability are not exposed to any parties until<br>an official vendor patch is publicly available. Furthermore, with the<br>altruistic aim of helping to secure a broader user base, TippingPoint<br>provides this vulnerability information confidentially to security<br>
vendors (including competitors) who have a vulnerability protection or<br>mitigation product.<br><br>Our vulnerability disclosure policy is available online at:<br><br> <a href="http://www.zerodayinitiative.com/advisories/disclosure_policy/" target="_blank">http://www.zerodayinitiative.com/advisories/disclosure_policy/"</a></div>
<div><br></div><div><br></div><div>thanks.</div><div><br></div><div><br></div><div><br><div class="gmail_quote">On Thu, Apr 3, 2008 at 5:54 PM, <<a href="mailto:zdi-disclosures@3com.com">zdi-disclosures@3com.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">ZDI-08-018: Apple QuickTime Run Length Encoding Heap Overflow<br>
Vulnerability<br>
<a href="http://www.zerodayinitiative.com/advisories/ZDI-08-018" target="_blank">http://www.zerodayinitiative.com/advisories/ZDI-08-018</a><br>
April 3, 2008<br>
<br>
-- CVE ID:<br>
CVE-2008-1021<br>
<br>
-- Affected Vendors:<br>
Apple<br>
<br>
-- Affected Products:<br>
Apple Quicktime 7.4.1<br>
<br>
-- TippingPoint(TM) IPS Customer Protection:<br>
TippingPoint IPS customers have been protected against this<br>
vulnerability by Digital Vaccine protection filter ID 5998.<br>
For further product information on the TippingPoint IPS, visit:<br>
<br>
<a href="http://www.tippingpoint.com" target="_blank">http://www.tippingpoint.com</a><br>
<br>
-- Vulnerability Details:<br>
This vulnerability allows attackers to execute arbitrary code on<br>
vulnerable installations of Apple QuickTime Player. User interaction is<br>
required to exploit this vulnerability in that the target must visit a<br>
malicious page or open a malicious file.<br>
<br>
The specific flaw exists within the parsing of QuickTime files that<br>
utilize the Animation codec. A lack of proper length checks can result<br>
in a heap based buffer overflow leading to arbitrary code execution<br>
under the context of the currently logged in user.<br>
<br>
-- Vendor Response:<br>
Apple has issued an update to correct this vulnerability. More<br>
details can be found at:<br>
<br>
<a href="http://support.apple.com/kb/HT1241" target="_blank">http://support.apple.com/kb/HT1241</a><br>
<br>
-- Disclosure Timeline:<br>
2008-02-07 - Vulnerability reported to vendor<br>
2008-04-03 - Coordinated public release of advisory<br>
<br>
-- Credit:<br>
This vulnerability was discovered by:<br>
* Anonymous<br>
<br>
-- About the Zero Day Initiative (ZDI):<br>
Established by TippingPoint, The Zero Day Initiative (ZDI) represents<br>
a best-of-breed model for rewarding security researchers for responsibly<br>
disclosing discovered vulnerabilities.<br>
<br>
Researchers interested in getting paid for their security research<br>
through the ZDI can find more information and sign-up at:<br>
<br>
<a href="http://www.zerodayinitiative.com" target="_blank">http://www.zerodayinitiative.com</a><br>
<br>
The ZDI is unique in how the acquired vulnerability information is<br>
used. TippingPoint does not re-sell the vulnerability details or any<br>
exploit code. Instead, upon notifying the affected product vendor,<br>
TippingPoint provides its customers with zero day protection through<br>
its intrusion prevention technology. Explicit details regarding the<br>
specifics of the vulnerability are not exposed to any parties until<br>
an official vendor patch is publicly available. Furthermore, with the<br>
altruistic aim of helping to secure a broader user base, TippingPoint<br>
provides this vulnerability information confidentially to security<br>
vendors (including competitors) who have a vulnerability protection or<br>
mitigation product.<br>
<br>
Our vulnerability disclosure policy is available online at:<br>
<br>
<a href="http://www.zerodayinitiative.com/advisories/disclosure_policy/" target="_blank">http://www.zerodayinitiative.com/advisories/disclosure_policy/</a><br>
<br>
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments,<br>
is being sent by 3Com for the sole use of the intended recipient(s) and<br>
may contain confidential, proprietary and/or privileged information.<br>
Any unauthorized review, use, disclosure and/or distribution by any<br>
recipient is prohibited. If you are not the intended recipient, please<br>
delete and/or destroy all copies of this message regardless of form and<br>
any included attachments and notify 3Com immediately by contacting the<br>
sender via reply e-mail or forwarding to 3Com at <a href="mailto:postmaster@3com.com">postmaster@3com.com</a>.<br>
_______________________________________________<br>
Full-Disclosure - We believe in it.<br>
Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br>
</blockquote></div><br></div>