Friday, January 11, 2008

QuickTime Real Time Streaming Protocol Vulnerability

US-CERT is aware of a public report of a vulnerability in Apple QuickTime. The flaw is in the way that QuickTime handles Real Time Streaming Protocol (RTSP) Response message headers. By persuading a user to access a specially crafted QuickTime file, or RTSP stream, a remote attacker may be able to execute arbitrary code or cause a denial of service on a vulnerable system.