Focus on Apple
RE: QuickTime exploited by media-handling flaw Nov 28 2007 06:36PM
Hayes, Bill (Bill Hayes owh com) (1 replies)

The Trend Micro blog reported today that three exploits have been
released and outlined the following illustrated scenario for QuickTime
exploitation:

"The attacker executes the exploit on his/her own computer, listening on
port 554 (port 554 - default port for RTSP protocol). The attacker's
machine then tries to wait for RTSP request from its victim. The
attacker creates a Web site with the malicious RTSP link embedded
(redirected to the exploit) or pops a message with the exact media link
location of the exploit to the victim's Messenger. The victim is then
enticed to visit the malicious link or view the media opens the link
using QuickTime Player. The exploit listening on port 554 is triggered
to send a response with a malformed RTSP header."

Trend Micro states that attackers could also use web sites with embedded
script/objects that direct RTSP connections to a malicious remote
server.

References:

http://blog.trendmicro.com/quicktime-player-gets-exploited-via-rtsp/

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
On Behalf Of Todd Woodward
Sent: Wednesday, November 28, 2007 11:27 AM
To: focus-apple (at) securityfocus (dot) com [email concealed]
Subject: RE: QuickTime exploited by media-handling flaw

For those with any link issues, here are are the TinyURL versions of
those links:

ComputerWorld Article: http://tinyurl.com/ysqrul

SC Magazine Article: http://tinyurl.com/25fwey

[ reply ]
Re: QuickTime exploited by media-handling flaw Nov 29 2007 08:45PM
Mark Senior (senatorfrog gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus