Signature Detail
Short Name |
HTTP:STC:STREAM:QT-MOV-IO |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Apple QuickTime MOV File String Handling Integer Overflow |
Release Date |
2010/09/28 |
Update Number |
1780 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Apple QuickTime MOV File String Handling Integer Overflow
This signature detects attempts to exploit a known vulnerability in Apple QuickTime Movie Player. A successful attack can lead to a integer overflow and arbitrary remote code execution within the context of the process user.
Extended Description
A remote integer overflow vulnerability affects Apple QuickTime. This issue is due to a failure of the application to properly validate integer signed-ness prior to using it to carry out critical operations. An attacker may leverage this issue to cause the affected QuickTime client to crash, denying service to legitimate users. It has been speculated that this issue may also facilitate code execution; any code execution would occur with the privileges of the user that activated the affected software. This issue affects both Microsoft Windows, and Apple versions of QuickTime.
Affected Products
- Apple QuickTime Player 5.0.2
- Apple QuickTime Player 6
- Apple QuickTime Player 6.1.0
- Apple QuickTime Player 6.5.0
- Apple QuickTime Player 6.5.1
- Apple QuickTime Player 6.5.2
- Apple QuickTime Player 7.0.0
- Apple QuickTime Player 7.0.1
- Apple QuickTime Player 7.0.2
References
- BugTraq: 15306
- CVE: CVE-2005-2753