HTTP: Apple QuickTime TeXML Style Element Text Specification Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Apple QuickTime. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.
Extended Description
Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted transform attribute in a text3GTrack element in a QuickTime TeXML file.
Affected Products
Apple quicktime
Short Name
HTTP:STC:DL:APPLE-QT-TEXML
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple Buffer CVE-2012-3752 CVE-2012-3758 Element Overflow QuickTime Specification Style TeXML Text bid:56438 bid:56557
Release Date
01/08/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3656
False Positive
Unknown
Vendors
Apple
CVSS Score
9.3