HTTP: Apple QuickTime rnet Box Parsing Heap Buffer Overflow

This signature detects attempts to exploit a known vulnerability in Apple QuickTime. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected user.

Extended Description

Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rnet box in an MP4 movie file.

Affected Products

Apple quicktime

References

BugTraq: 56438

CVE: CVE-2012-3756

Short Name
HTTP:STC:DL:APPLE-QT-RNET-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple Box Buffer CVE-2012-3756 Heap Overflow Parsing QuickTime bid:56438 rnet
Release Date
01/29/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3730
False Positive
Unknown
Vendors

Apple

CVSS Score

9.3

Found a potential security threat?