AuickTime buffer overflow

AuickTime buffer overflow
Published:		02.12.2007
Source:		BUGTRAQ
SecurityVulns ID:		8400
Type:		client
Threat Level:		8/10
Description:		Buffer overflow on RTSP response Contet-Type header parsing parsing.

Affected:		APPLE : QuickTime 7.3
CVE:		CVE-2007-6238 (Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release advisories with actionable information. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. However, the organization has stated that this is different than CVE-2007-6166.)
		CVE-2007-6166 (Stack-based buffer overflow in Apple QuickTime 7.2 and 7.3 allows remote attackers to execute arbitrary code via a long Real Time Streaming Protocol (RTSP) Content-Type header.)
		CVE-2002-0252 (Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header.)

Original document		Yag Kohha, QuickTime RTSP Response Content-type remote stack rewrite exploit (02.12.2007)
		CERT, US-CERT Technical Cyber Security Alert TA07-334A -- Apple QuickTime RTSP Buffer Overflow (02.12.2007)

Files:		QuickTime RTSP Response Content-type remote stack rewrite exploit for IE 6/7
		Quicktime 7.3 RTSP Response Content-Type Header Stack Buffer Overflow exploit (metasploit)
		Apple QuickTime Player 7.3 / 7.2 IE7,FF /Opera, XP SP2, Vista exploit
		Apple Quicktime (Vista/XP Sp2 RTSP RESPONSE) Code Exec Exploit
		SPSadvisory#46]Apple QuickTime Player "Content-Type" Buffer Overflow