Apple QuickTime RTSP Response Crafted Content-Type Header Buffer Overflow
2015年7月21日
危険度: : 緊急
CVE識別番号: CVE-2007-6166
概要
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1001197
Trend Micro Deep Security DPI Rule Name: 1001197 - Apple QuickTime RTSP Response Header Content-Length Remote Buffer Overflow
影響を受けるソフトウェア
- apple quicktime 3
- apple quicktime 4.1.2
- apple quicktime 5.0
- apple quicktime 5.0.1
- apple quicktime 5.0.2
- apple quicktime 6.0
- apple quicktime 6.1
- apple quicktime 6.5
- apple quicktime 6.5.1
- apple quicktime 6.5.2
- apple quicktime 7.0
- apple quicktime 7.0.1
- apple quicktime 7.0.2
- apple quicktime 7.0.3
- apple quicktime 7.0.4
- apple quicktime 7.0.8
- apple quicktime 7.1
- apple quicktime 7.1.1
- apple quicktime 7.1.2
- apple quicktime 7.1.3
- apple quicktime 7.1.4
- apple quicktime 7.1.5
- apple quicktime 7.1.6
- apple quicktime 7.2
- apple quicktime 7.3