Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

QuickTime < 7.4.1 RTSP Response Handling Overflow

Medium

Synopsis

The remote Windows host contains an application that is affected by a buffer overflow vulnerability.

Description

The version of QuickTime installed on the remote Windows host is older than 7.4.1. Such versions contain a heap buffer overflow in the application's handling of HTTP responses when RTSP tunneling is enabled. If an attacker can trick a user to visit a specially-crafted webpage, he may be able to to execute arbitrary code on the remote host subject to the user's privileges.

Solution

Upgrade to version 7.4.1 or higher.