Skip to main content

Apple QuickTime RTSP Response "Reason-Phrase" Buffer Overflow

Last Update Date: 28 Jan 2011 Release Date: 14 Jan 2008 5285 Views

RISK: Medium Risk

A vulnerability has been identified in Apple QuickTime, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by a buffer overflow error when processing RTSP response messages and displaing the "Reason-Phrase", which could be exploited by atatckers to crash a vulnerable application or execute arbitrary code by tricking a user into connecting to a malicious server or visiting a specially crafted web page.


System / Technologies affected

  • Apple QuickTime version 7.3.1.70 and prior

Solutions

Do not browse untrusted websites, open malicious .QTL files, or follow untrusted links.


Vulnerability Identifier

  • No CVE information is available

Source


Related Link