Описание
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-6166
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38604
- https://www.exploit-db.com/exploits/4648
- https://www.exploit-db.com/exploits/6013
- http://docs.info.apple.com/article.html?artnum=307176
- http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html
- http://secunia.com/advisories/27755
- http://secunia.com/advisories/29182
- http://security.gentoo.org/glsa/glsa-200803-08.xml
- http://securityreason.com/securityalert/3410
- http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control
- http://www.kb.cert.org/vuls/id/659761
- http://www.securityfocus.com/bid/26549
- http://www.securityfocus.com/bid/26560
- http://www.securitytracker.com/id?1018989
- http://www.us-cert.gov/cas/techalerts/TA07-334A.html
- http://www.vupen.com/english/advisories/2007/3984
Связанные уязвимости
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.