SMTP: Apple QuickTime QTVR QTVRStringAtom Parsing Buffer Overflow

This signature detects attempts to exploit a known vulnerability against Apple QuickTime. This can lead to code execution in the context of the vulnerable application.

Extended Description

Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file.

References

CVE: CVE-2012-0667

Short Name
SMTP:OVERFLOW:QUICKTIME-BUF
Severity
Minor
Recommended
True
Recommended Action
None
Category
SMTP
Keywords
Apple Buffer CVE-2012-0667 Overflow Parsing QTVR QTVRStringAtom QuickTime
Release Date
11/15/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
CVSS Score

9.3

Found a potential security threat?