ðòïåëôù 


  áòèé÷ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 


  ðåòóïîáìøîïå 


  ðòïçòáííù 



ðéûéôå
ðéóøíá














     áòèé÷ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] >>: @RISK: The Consensus Security Vulnerability Alert Vol. 6 No. 1



*****************************
Widely Deployed Software
*****************************

(1) CRITICAL: Apple QuickTime RTSP URL Handler Buffer Overflow
Affected:
QuickTime version 7.1.3 and possibly prior on Mac OS and Windows platforms

Description: Apple QuickTime, a widely used media player, contains a
stack-based buffer overflow in handling RTSP URLs. The overflow has been
discovered by the "Month of Apple Bugs" project, and can be triggered
by a specially crafted RTSP URL that is 300 bytes or longer. A malicious
webpage or a media file can exploit this flaw to execute arbitrary code
on a user's system. Note that systems using QuickTime as the default
media player can be compromised upon browsing to a malicious webpage
without any user interaction. Exploit code has been publicly posted.

Status: Apple has not confirmed, no patches available. A workaround is
to disable the RTSP URL handler.

References:
Month of Apple Bugs
http://projects.info-pull.com/moab/MOAB-01-01-2007.html  
Exploit Code
http://www.milw0rm.com/exploits/3064


07.1.15 CVE: Not Available
Platform: Cross Platform
Title: OpenSER OSP Module Validateospheader Function Buffer Overflow
Description: OpenSER is an open source SIP server. The OpenSER OSP
Module is prone to a buffer overflow vulnerability that exists in the
"validateospheader()" function when validating OSP headers. An
attacker may exploit this vulnerability by manipulating the OSP
headers, ultimately resulting in memory corruption. Versions 1.1.0 and
prior are reportedly vulnerable.
Ref: http://www.securityfocus.com/bid/21801
______________________________________________________________________





 




Copyright © Lexa Software, 1996-2009.