|
|
CVE Reference: CVE-2007-6166 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-6166 |
|
|
Description: Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/38604 ST 1018989 SREASON http://securityreason.com/securityalert/3410 SAID Secunia Advisory: SA27755 Secunia Advisory: SA29182 MISC http://docs.info.apple.com/article.html?artnum=307176 http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control MILW0RM http://www.milw0rm.com/exploits/6013 http://www.milw0rm.com/exploits/4648 GENTOO http://security.gentoo.org/glsa/glsa-200803-08.xml CERT-VN 659761 CERT http://www.us-cert.gov/cas/techalerts/TA07-334A.html BID 26549 26560 APPLE http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html |
|
| Return to the previous page. |
