Apple QuickTime TeXML Color String Parsing Buffer Overflow (CVE-2012-0663)
|Check Point Reference:||CPAI-2012-330|
|Source:||Apple Advisory HT5261|
|Protection Provided by:||
Who is Vulnerable?
Apple Computer QuickTime prior to 7.7.2
A stack buffer overflow vulnerability has been reported in Apple QuickTime.
The vulnerability is due to insufficient validation of a string length when processing certain elements inside QuickTime TeXML files. A remote attacker can exploit this issue by enticing a target user to open a specially crafted TeXML file. Successful exploitation could allow an attacker to execute arbitrary code in the security context of Apple QuickTime.
This protection will detect and block the transferring of a malicious TeXML file.
In order for the protection to be activated, update your product to the latest update. For information on how to update , go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.
Security Gateway R75 / R71 / R70
How Can I Protect My Network?
- In the IPS tab, click Protections and find the Apple QuickTime TeXML Color String Parsing Buffer Overflow protection using the Search tool and Edit the protection's settings.
- Install policy on all modules.
How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:
Attack Name: Apple QuickTime Protection Violation
Attack Information: Apple QuickTime TeXML Color String Parsing Buffer Overflow