Sysadmin News » Extremely Critical Header Buffer Overflow in Apple QuickTime RTSP “Content-Type”

« Highly critical vulnerabilities in BitDefender Online Scanner Highly critical Vulnerability in OpenOffice »

Nov 29 2007

Profile Image of MuZumbu
MuZumbu

Extremely Critical Header Buffer Overflow in Apple QuickTime RTSP “Content-Type”

Posted at 7:35 am under Secunia

Secunia Advisory:	SA27755
Release Date:	2007-11-26

Critical:	Extremely critical
Impact:	System access
Where:	From remote
Solution Status:	Unpatched

Software:	Apple QuickTime 7.x



Description: h07 has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to a boundary error when processing RTSP replies and can be exploited to cause a stack-based buffer overflow via a specially crafted RTSP reply containing an overly long “Content-Type” header. Successful exploitation allows execution of arbitrary code and requires that the user is e.g. tricked into opening a malicious QTL file or visiting a malicious web site. The vulnerability is confirmed in version 7.3. Other versions may also be affected. NOTE: A working exploit is publicly available. Solution: Do not browse untrusted websites, follow untrusted links, nor open untrusted QTL files. Provided and/or discovered by: h07 Original Advisory: http://www.milw0rm.com/exploits/4648

No responses yet

Trackback URI | Comments RSS

Leave a Reply

You must be logged in to post a comment.

Archives
September 2008

M T W T F S S

« Jul

1 2 3 4 5 6 7

8 9 10 11 12 13 14

15 16 17 18 19 20 21

22 23 24 25 26 27 28

29 30

"