|Check Point Reference:||CPAI-2012-330|
|Date Published:||3 Sep 2012|
|Last Updated:||18 Feb 2016|
|Protection Provided by:||
|Who is Vulnerable?|
|Vulnerability Description||A stack buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to insufficient validation of a string length when processing certain elements inside QuickTime TeXML files. A remote attacker can exploit this issue by enticing a target user to open a specially crafted TeXML file. Successful exploitation could allow an attacker to execute arbitrary code in the security context of Apple QuickTime.|
This protection will detect and block the transferring of a malicious TeXML.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Apple QuickTime Protection Violation.
Attack Information: Apple QuickTime TeXML color string parsing buffer overflow