HTTP: Apple Motion Integer Overflow

This signature detects attempts to exploit a known integer overflow vulnerability against Apple. A successful attack can result in information disclosure or a denial-of-service condition.

Extended Description

Integer overflow in the OZDocument::parseElement function in Apple Motion 5.0.7 allows remote attackers to cause a denial of service (application crash) via a (1) large or (2) small value in the subview attribute of a viewer element in a .motn file.

Affected Products

Apple motion

References

CVE: CVE-2013-6114

Short Name
HTTP:APPLE-MOTION-INT-OVFLOW
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2013-6114 Integer Motion Overflow
Release Date
04/18/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3715
False Positive
Unknown
Vendors

Apple

CVSS Score

5.0

Found a potential security threat?