Published: 2007-01-07T05:30+00:00
Last Updated: 2007-01-07T05:30+00:00
TRTA07-005A
Apple QuickTime RTSP Buffer Overflow
Overview
Apple QuickTime contains a buffer overflow in the handling of RTSP URLs. This can allow a remote attacker to execute arbitrary code on a vulnerable system.
Event Information
| Date (UTC) | Description |
| 2007-01-05 21:49 |
US-CERT TA07-005A: Apple QuickTime RTSP Buffer Overflow Via US-CERT Mailing List |
| 2007-01-03 02:00 |
US-CERT Proof-of-Concept Code for a Vulnerability in Apple QuickTime US-CERT is aware of proof-of-concept code for a buffer overflow vulnerability in Apple QuickTime. The flaw is in the way that QuickTime handles Real Time Streaming Protocol (RTSP) URL strings. By persuading a user to access a specially crafted QuickTime file, a remote attacker may be able to execute arbitrary code or cause a denial of service on a vulnerable system. |
| 2007-01-03 |
Apple Quicktime (rtsp URL Handler) Buffer Overflow Exploit (win2k) a proof-of-concept code for this vulnerability #Cid: 21289.py #Tested: Windows 2000 SP0 + Quicktime 7.1.3.100 #Tested: Windows 2000 SP4 + Quicktime 7.1.3.100 |
| 2007-01-03 |
SANS Internet Storm Center Apple QuickTime RTSP URL Handler Vulnerability The Month of the Apple bugs seems to have started. The first bug is in the handling of RTSP URL's within Quicktime, leading to arbitrary code execution on both Windows and Mac OS. |
| 2007-01-01 |
MOAB-01-01-2007: Apple Quicktime rtsp URL Handler Stack-based Buffer Overflow A vulnerability exists in the handling of the rtsp:// URL handler. a proof-of-concept code for this vulnerability (CVE-2007-0015) #Cid: MOAB-01-01-2007.rb #Tested: Mac OS X 10.4.8 |
| 2006-12-31 22:01 |
Symantec ThreatCON (2) => (1) |