HTTP: Apple QuickTime RTSP Response Header Content-Length Denial of Service
This signature detects attempts to exploit a known vulnerability in the Apple QuickTime. A successful attack can lead to a buffer overflow and denial of service of the application.
Extended Description
Apple QuickTime is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized stack-based memory buffer. This issue occurs when handling specially crafted RTSP Response headers. Attackers can leverage this issue to execute arbitrary machine code in the context of the user running the affected application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions. QuickTime 7.2 and 7.3 are vulnerable to this issue; other versions may also be affected. NOTE: This BID is being retired because further analysis reveals that this is a duplicate of the issue described in BID 26549 (Apple QuickTime RTSP Response Header Content-Type Remote Stack Based Buffer Overflow Vulnerability).
Affected Products
Apple itunes
Short Name
HTTP:STC:APPLE-RTSP-DOS
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2007-6166 Content-Length Denial Header QuickTime RTSP Response Service bid:26560 of
Release Date
02/02/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Apple
CVSS Score
9.3