HTTP: Apple QuickTime Crafted HTTP Error Response Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Apple QuickTime Player. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the process's user.
Extended Description
Apple QuickTime is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized buffer. Attackers can leverage this issue to execute arbitrary machine code in the context of the user running the affected application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions. QuickTime 7.3.1.70 is vulnerable to this issue; other versions may also be affected. NOTE: Additional information from the reporter indicates this issue affects QuickTime running on the following platforms: Microsoft Windows XP, Windows Vista, and Apple Mac OS X.
Affected Products
Apple tv,Apple quicktime_player
Short Name
HTTP:STC:STREAM:QT-RESPONSE-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apple Buffer CVE-2008-0234 Crafted Error HTTP Overflow QuickTime Response bid:27225
Release Date
09/28/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Apple
CVSS Score
9.3