HTTP: Quicktime Over Firefox Remote Code Execution

This signature detects attempts to exploit a known vulnerability in the Firefox Web browser. An attacker can create malicious Web pages containing dangerous QuickTime Movie and Audio files, which, if accessed by a victim, allow the attacker to gain control of the victim's client browser.

Extended Description

The Apple QuickTime plug-in is prone to an arbitrary-script-execution weakness when executing QuickTime Media Link files (.qtl). An attacker can exploit this issue to execute arbitrary script code in the context of the affected application and load local content in a user's browser. Although this weakness doesn't pose any direct security threat by itself, an attacker may use it to aid in further attacks. QuickTime 7.1.3 is vulnerable; other versions may also be affected.

Affected Products

Apple quicktime_plug-in

Short Name: HTTP:STC:STREAM:QT-FF
Severity: Major
Recommended: False
Recommended Action: Drop
Category: HTTP
Keywords: CVE-2006-4965 Code Execution Firefox Over Quicktime Remote bid:20138
Release Date: 10/16/2007
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3336
False Positive: Unknown
Vendors

Red_hat

Suse

Apple

Mozilla

Slackware

Netscape

CVSS Score

5.0
