BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Apple QuickTime RTSP Buffer Overflow

Disclosed November 23, 2007    No Patch Available

Vulnerability Description:

A stack-based buffer overflow occurs when QuickTime processes a malformed RTSP server response. An attacker who develops a malicious RTSP server that delivers a very long ‘Content-Type’ field can exploit a QuickTime client that connects to that server over the RTSP protocol. The attack can be further "automated" by launching it from within an HTML file, which makes it easier to trick vulnerable users into connecting to a malicious RTSP server.
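The class of bug described above is a header value copied into a fixed-size buffer without a length check. The following is an added example, not QuickTime's code or BeyondTrust's: a bounded parser that rejects an oversized ‘Content-Type’ value instead of copying it. The function name `rtsp_content_type`, the `CT_MAX` limit and the sample response are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strncasecmp (POSIX) */

#define CT_MAX 128     /* assumed limit for this example, not from the advisory */
enum { CT_OK = 0, CT_MISSING = -1, CT_TOO_LONG = -2 };

/* Hypothetical helper: copy the Content-Type value of an RTSP response into
 * out (out_len bytes). An oversized value is rejected, never copied. */
int rtsp_content_type(const char *resp, char *out, size_t out_len)
{
    static const char name[] = "Content-Type:";
    const size_t name_len = sizeof(name) - 1;
    const char *line = resp;

    if (out_len == 0)
        return CT_TOO_LONG;
    out[0] = '\0';
    while (*line != '\0') {
        const char *eol = strstr(line, "\r\n");
        size_t line_len = eol ? (size_t)(eol - line) : strlen(line);
        if (line_len == 0)                 /* blank line ends the headers */
            break;
        if (line_len >= name_len && strncasecmp(line, name, name_len) == 0) {
            const char *val = line + name_len;
            size_t val_len = line_len - name_len;
            /* skip optional whitespace after the colon */
            while (val_len > 0 && (*val == ' ' || *val == '\t')) { val++; val_len--; }
            if (val_len >= out_len)        /* length check precedes the copy */
                return CT_TOO_LONG;
            memcpy(out, val, val_len);
            out[val_len] = '\0';
            return CT_OK;
        }
        if (eol == NULL)
            break;
        line = eol + 2;
    }
    return CT_MISSING;
}

int main(void)
{
    /* Constructed sample response, not captured traffic. */
    const char *resp = "RTSP/1.0 200 OK\r\nCSeq: 1\r\nContent-Type: application/sdp\r\n\r\n";
    char ct[CT_MAX];
    printf("%d %s\n", rtsp_content_type(resp, ct, sizeof ct), ct);
    return 0;
}
```

A `CT_TOO_LONG` result is also a useful detection signal: a legitimate media type is short, so a client or proxy can log and drop any response that triggers it.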

Vendors:

Apple

Vulnerable Software/Devices:

QuickTime 7.3 and earlier

Vulnerability Severity:

High

Exploit Availability:

N/A

BeyondTrust Prevention and Detection:

BeyondTrust's Blink® Personal Edition protects from this vulnerability.
BeyondTrust's Blink® Professional Edition protects from this vulnerability.
BeyondTrust's Retina® Network Security Scanner scans devices to detect this vulnerability.

Patch:
APPLE-SA-2007-12-13 QuickTime 7.3.1

Mitigation:

There is no known mitigation that completely blocks exploitation of this vulnerability; however, certain mitigation tactics may allow attack vectors to be disrupted. These tactics are clearly spelled out in the referenced US-CERT advisory.

Links:

Original PoC (Crash)
Second PoC (Crash)
Third PoC (Crash)
US-CERT Advisory
Fourth PoC - Fully Functional Reverse Shell

CVE(s):

None
