Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:DC0373185C785EAA3F33793CD2BAD62B
HistoryJan 04, 2007 - 12:00 a.m.

QuickTime rtsp src URL buffer overflow

2007-01-0400:00:00
SAINT Corporation
download.saintcorporation.com
12

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.966 High

EPSS

Percentile

99.5%

JSON

Added: 01/04/2007
CVE: CVE-2007-0015
BID: 21829
OSVDB: 31023

Background

QuickTime is a media player for Windows and Mac OS platforms.

Problem

A buffer overflow in QuickTime allows command execution when a user opens a specially crafted QTL file containing a long **src** parameter starting with **rtsp://**.

Resolution

Do not open QTL files using QuickTime.

References

<http://www.kb.cert.org/vuls/id/442497&gt;

Limitations

Exploit works on QuickTime 7.1.3.100 and requires a user to open the exploit in QuickTime.

Platforms

Windows

Related

nessus 2
packetstorm 2
saint 3
canvas 1
securityvulns 2
cve 1
cert 1
checkpoint_advisories 2
prion 1
threatpost 1
nessus
nessus
QuickTime RTSP URL Handler Buffer Overflow (Windows)
2007-02-02 00:00:00
Mac OS X Security Update 2007-001
2007-01-24 00:00:00
packetstorm
packetstorm
MOAB-01-01-2007.rb.txt
2007-01-04 00:00:00
Apple QuickTime 7.1.3 RTSP URI Buffer Overflow
2009-11-26 00:00:00
saint
saint
QuickTime rtsp src URL buffer overflow
2007-01-04 00:00:00
QuickTime rtsp src URL buffer overflow
2007-01-04 00:00:00
QuickTime rtsp src URL buffer overflow
2007-01-04 00:00:00
canvas
canvas
Immunity Canvas: QT_RTSP
2007-01-01 23:28:00
securityvulns
securityvulns
US-CERT Technical Cyber Security Alert TA07-005A -- Apple QuickTime RTSP Buffer Overflow
2007-01-06 00:00:00
Apple QuickTime buffer overflow
2007-01-07 00:00:00
cve
cve
CVE-2007-0015
2007-01-01 23:28:00
cert
cert
Apple QuickTime RTSP buffer overflow
2007-01-02 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple Quicktime RTSP URL Buffer Overflow - Ver2 (CVE-2007-0015)
2014-04-16 00:00:00
Apple Quicktime RTSP URL Buffer Overflow - Ver2 (CVE-2007-0015)
2014-04-16 00:00:00
prion
prion
Buffer overflow
2007-01-01 23:28:00
threatpost
threatpost
PBS Website Compromised, Used to Serve Exploits
2009-09-23 22:41:03

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.966 High

EPSS

Percentile

99.5%

JSON
Related for SAINT:DC0373185C785EAA3F33793CD2BAD62B
nessus2packetstorm2saint3canvas1securityvulns2cve1cert1checkpoint_advisories2prion1threatpost1