HTTP: Apple Quicktime Text Track Descriptors Heap Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Apple Quicktime. The vulnerability is due to improper validation on parameter lengths of Text Track Descriptors. The overly long parameter can be copied by the vulnerable code into a fixed length heap buffer. This vulnerability can be exploited by a remote attacker by enticing the target user to open a specially crafted text track or movie file with the affected application. Successful exploitation could result in arbitrary code injection and execution in the context of the currently logged-in user.
Extended Description
Heap-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted text track in a movie file.
References
CVE: CVE-2012-0664
Short Name
HTTP:APPLE-QT-TTD-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple Buffer CVE-2012-0664 Descriptors Heap Overflow Quicktime Text Track
Release Date
08/22/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
CVSS Score
9.3