Focus on Apple
RE: QuickTime exploited by media-handling flaw Nov 29 2007 11:11PM
Joel Esler (eslerj gmail com)
Sounds familiar.

Joel Esler

The Trend Micro blog reported today that three exploits have been
released and outlined the following illustrated scenario for QuickTime

"The attacker executes the exploit on his/her own computer, listening on
port 554 (port 554 - default port for RTSP protocol). The attacker's
machine then tries to wait for RTSP request from its victim. The
attacker creates a Web site with the malicious RTSP link embedded
(redirected to the exploit) or pops a message with the exact media link
location of the exploit to the victim's Messenger. The victim is then
enticed to visit the malicious link or view the media opens the link
using QuickTime Player. The exploit listening on port 554 is triggered
to send a response with a malformed RTSP header."

Trend Micro states that attackers could also use web sites with embedded
script/objects that direct RTSP connections to a malicious remote


-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
On Behalf Of Todd Woodward
Sent: Wednesday, November 28, 2007 11:27 AM
To: focus-apple (at) securityfocus (dot) com [email concealed]
Subject: RE: QuickTime exploited by media-handling flaw

For those with any link issues, here are are the TinyURL versions of
those links:

ComputerWorld Article:

SC Magazine Article:

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus