HTTP: Apple QuickTime MOV File String Handling Integer Overflow
This signature detects attempts to exploit a known vulnerability in Apple QuickTime Movie Player. A successful attack can lead to a integer overflow and arbitrary remote code execution within the context of the process user.
Extended Description
A remote integer overflow vulnerability affects Apple QuickTime. This issue is due to a failure of the application to properly validate integer signed-ness prior to using it to carry out critical operations. An attacker may leverage this issue to cause the affected QuickTime client to crash, denying service to legitimate users. It has been speculated that this issue may also facilitate code execution; any code execution would occur with the privileges of the user that activated the affected software. This issue affects both Microsoft Windows, and Apple versions of QuickTime.
Affected Products
Apple quicktime_player
Short Name
HTTP:STC:STREAM:QT-MOV-IO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple CVE-2005-2753 File Handling Integer MOV Overflow QuickTime String bid:15306
Release Date
09/28/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Apple
CVSS Score
5.1