Apple QuickTime rtsp URL handler buffer overflow

A flaw in real-time streaming of QuickTime videos could allow remote attackers to compromise your Windows or Mac system.

Robert Vamosi Former Editor

As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

See full bio

Robert Vamosi

Jan. 22, 2007 5:37 p.m. PT

There's a buffer overflow affecting both the Windows and Mac version of Apple QuickTime 7.1.3 real-time streaming protocol (rtsp). The flaw allows remote attackers to execute arbitrary code which could allow remote access and the arbitrary execution of malicious code on compromised machines. If a user clicks a very long and specially crafted QuickTime video URL, an attacker could load malicious code onto Microsoft Windows or Apple Mac OS X machines.

At this time, there is no patch available from Apple. Users should avoid clicking URLs that begin with "rstp://." One workaround within QuickTime is to disable the rtsp:// URL handler. To do so, Mac users should open QuickTime, go to Preferences, click the Advanced tab, and select Mime Settings; once there, uncheck the box next to Streaming - Streaming Movies. For Windows users, click Edit, then Preferences, and then QuickTime Preferences. Select File Types from the pull-down menu or tab options. On the File Types page click Streaming - Streaming Movies to display additional options and uncheck the box next to RSTP stream descriptor if necessary.

Additional Resources:

NIST: CVE-2007-0015
MOAB: MOAB-01-01-2007
Milworm.com: 3064

Mobile Guides

Phones

Foldable Phones

Headphones

Mobile Accessories

Smartwatches

Wireless Plans

Mobile coupons