Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2007-6166

Description

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.

POC

Reference

- http://securityreason.com/securityalert/3410

- http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control

- https://www.exploit-db.com/exploits/4648

- https://www.exploit-db.com/exploits/6013

Github

No PoCs found on GitHub currently.