Apple QuickTime RTSP Response Crafted Content-Type Header Buffer Overflow
Schweregrad:: Kritisch
CVE Kennungen:: CVE-2007-6166
Hinweisdatum: 21 Juli 2015
Beschreibung
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1001197
Trend Micro Deep Security DPI Rule Name: 1001197 - Apple QuickTime RTSP Response Header Content-Length Remote Buffer Overflow
Betroffene Software und Version:
- apple quicktime 3
- apple quicktime 4.1.2
- apple quicktime 5.0
- apple quicktime 5.0.1
- apple quicktime 5.0.2
- apple quicktime 6.0
- apple quicktime 6.1
- apple quicktime 6.5
- apple quicktime 6.5.1
- apple quicktime 6.5.2
- apple quicktime 7.0
- apple quicktime 7.0.1
- apple quicktime 7.0.2
- apple quicktime 7.0.3
- apple quicktime 7.0.4
- apple quicktime 7.0.8
- apple quicktime 7.1
- apple quicktime 7.1.1
- apple quicktime 7.1.2
- apple quicktime 7.1.3
- apple quicktime 7.1.4
- apple quicktime 7.1.5
- apple quicktime 7.1.6
- apple quicktime 7.2
- apple quicktime 7.3