Описание
Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Exploit
- US Government Resource
- Exploit
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apple:quicktime:7.3.1.70:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.4:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.44519
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message.
EPSS
Процентиль: 97%
0.44519
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119