Web Attack: Apple QT RTSP Content Type BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability by passing overly long arguments in a header of an Apple QuickTime RTSP response.

Additional Information

Apple QuickTime is a media player for Mac OS X and Microsoft Windows operating platforms.

The application is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized stack-based memory buffer.

This issue occurs when handling specially crafted RTSP (Real Time Streaming Protocol) Response headers that have an excessively large 'Content-Type' value.

Attackers can leverage this issue to execute arbitrary machine code in the context of the user running the affected application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions.

QuickTime 7.3 is vulnerable to this issue; other versions may also be affected.
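The missing bounds check described above, shown in its corrected form as an added example (this is not QuickTime's or Symantec's code): the length of the 'Content-Type' value is checked against the destination buffer before anything is copied, and an oversized value is rejected. The function names, the `CT_MAX` size and the sample response are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#define CT_MAX 64   /* assumed destination size, not a QuickTime value */

static int ieq(const char *a, const char *b, size_t n)  /* case-insensitive */
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Copy the Content-Type value of an RTSP response into out. Returns 0 on
 * success, -1 if the header is absent, -2 if the value does not fit. */
int rtsp_content_type(const char *resp, char *out, size_t outsz)
{
    static const char name[] = "Content-Type:";
    const size_t nlen = sizeof name - 1;
    for (const char *line = resp, *eol; *line; line = eol + 2) {
        eol = strstr(line, "\r\n");
        if (!eol || eol == line)
            break;                      /* unterminated line or end of headers */
        size_t len = (size_t)(eol - line);
        if (len < nlen || !ieq(line, name, nlen))
            continue;
        const char *v = line + nlen;
        size_t vlen = len - nlen;
        while (vlen && (*v == ' ' || *v == '\t')) { v++; vlen--; }
        if (vlen >= outsz)
            return -2;                  /* bounds check precedes the copy */
        memcpy(out, v, vlen);
        out[vlen] = '\0';
        return 0;
    }
    return -1;
}

/* Constructed sample: a response whose Content-Type value is n bytes long. */
int check_sample(size_t n)
{
    static char resp[8192];
    char ct[CT_MAX];
    if (n > 8000) return -3;
    int off = snprintf(resp, sizeof resp, "RTSP/1.0 200 OK\r\nCSeq: 1\r\nContent-Type: ");
    memset(resp + off, 'A', n);
    strcpy(resp + off + n, "\r\n\r\n");
    return rtsp_content_type(resp, ct, sizeof ct);
}
```

`check_sample(CT_MAX - 1)` returns 0, while `check_sample(CT_MAX)` and any longer value return -2 without writing to the stack buffer.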

Affected

  • Apple QuickTime Player 7.3