Info

Disclosure

Jan 01, 2007

Discovery

Unknown

Dates

Exploit

Jan 01, 2007

Solution

Unknown

Description

A remote overflow exists in Quicktime. The rtsp:// handler fails to validate a supplied URL string resulting in a stack overflow. With a specially crafted URL, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.

Products

Apple Computer, Inc.

QuickTime

7.1.3

References

Security Tracker: 1017461
CVE ID: 2007-0015 (see also: NVD)
Bugtraq ID: 21829
Secunia Advisory ID: 23540
SCIP VulDB ID: 2792
Metasploit ID: 31023
ISS X-Force ID: 31203
CERT VU: 442497
VUPEN Advisory: ADV-2007-0001
Vendor Specific Solution URL: http://docs.info.apple.com/article.html?artnum=304989
Generic Exploit URL: http://immunitysec.com
http://www.saintcorporation.com/cgi-bin/exploit_info/quicktime_rtsp_src
Other Solution URL: http://landonf.bikemonkey.org/code/macosx/MOAB_Day_1.20070102060815.15950.zadder.local.html
Other Advisory URL: http://projects.info-pull.com/moab/MOAB-01-01-2007.html
Mail List Post: http://whitestar.linuxbox.org/pipermail/exploits/2007-January/000086.html
Vendor URL: http://www.apple.com
News Article: http://www.eweek.com/article2/0,1895,2078180,00.asp
Keyword: Pwndertino

Credit

LMH - lmhinfo-pull.com -

Direct URL: http://osvdb.org/31023