HTTP: Apple iChat AIM URL Handler Remote Format String Vulnerability
This signature detects attempts to exploit a know vulnerability in Apple iChat. An attacker can create a malicious Web site with Web pages containing dangerous format string urls, which if accessed by a victim, allows the attacker to can gain control of the target system.
Extended Description
Apple iChat is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the application and to compromise affected computers. Apple iChat version 3.1.6 (v441) is reported vulnerable; other versions may also be affected.
Affected Products
Apple ichat
References
BugTraq: 22146
CVE: CVE-2007-0021
URL: http://www.kb.cert.org/vuls/id/794752 http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html
Short Name
HTTP:STC:APPLE-ICHAT
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
AIM Apple CVE-2007-0021 Format Handler Remote String URL Vulnerability bid:22146 iChat
Release Date
02/06/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3728
False Positive
Unknown
Vendors
Apple
CVSS Score
7.5