QuickTime RTSP URL Handler Buffer Overflow (Windows)

medium Nessus Plugin ID 24268

Synopsis

The remote version of QuickTime is affected by a buffer overflow vulnerability.

Description

A buffer overflow vulnerability exists in the RTSP URL handler in the version of QuickTime installed on the remote host. Using HTML, JavaScript, or a QTL file as an attack vector, together with an RTSP URL that has a long path component, a remote attacker may be able to leverage this issue to execute arbitrary code on the remote host, subject to the user's privileges.

Solution

Apply Apple's Security Update 2007-001, which is available via the 'Apple Software Update' application, installed with the most recent version of QuickTime or iTunes.

See Also

http://www.nessus.org/u?ebb12673

http://projects.info-pull.com/moab/MOAB-01-01-2007.html

http://docs.info.apple.com/article.html?artnum=304989

https://lists.apple.com/archives/Security-announce/2007/Jan/msg00000.html

https://blogs.flexera.com/vulnerability-management/2007/01/quicktime-update-me-and-stay-vulnerable/

Plugin Details

Severity: Medium

ID: 24268

File Name: quicktime_rtsp_url_handler_overflow.nasl

Version: 1.23

Type: local

Agent: windows

Family: Windows

Published: 2/2/2007

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.8

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:apple:quicktime

Required KB Items: SMB/QuickTime/Version

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/1/2007

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Apple QuickTime 7.1.3 RTSP URI Buffer Overflow)

Reference Information

CVE: CVE-2007-0015

BID: 21829

CERT: 442497