HTTP: Quicktime RTSP Overflow
This signature detects attempts to exploit a known vulnerability in Apple Quicktime. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.
Extended Description
Apple QuickTime is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input prior to copying it to an insufficiently sized stack-based memory buffer. Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application, facilitating the remote compromise of affected computers. Attackers exploit this issue by coercing targeted users to access malicious HTML or QTL files or by executing malicious JavaScript code. QuickTime 7.1.3 is vulnerable to this issue; other versions may also be affected.
Affected Products
Apple quicktime_player
References
BugTraq: 21829
CVE: CVE-2007-0015
URL: http://projects.info-pull.com/moab/MOAB-01-01-2007.html http://projects.info-pull.com/moab/moab-01-01-2007.html
Short Name
HTTP:STC:QT-RTSP-LINK-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2007-0015 Overflow Quicktime RTSP bid:21829
Release Date
01/10/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Apple
CVSS Score
6.8