##############################################################################
#
#  Apple Quicktime RTSP URL Handling BoF Vulnerability (Windows)
#
#  Copyright: OS2A and it's member companies
#
#  Date Written: 2007/01/02
#
#  $Revision: 1.1 $
#
#  $Log: os2a_quicktime_rtsp_bof_win_601350.nasl,v $
#  Revision 1.1  2007/01/05 13:23:14  shraddha
#  To Production Issue #3474
#
#
#  Revision 1.1  2007/01/03 06:02:55  areddy
#  ------------------------------------------------------------------------
#  This program was written by OS2A and/or it's member companies and is
#  licensed under the GNU GPL license. Please see below for details. This
#  header contains information regarding licensing terms under the GPL, and
#  information regarding obtaining source code from the Author. Consequently,
#  pursuant to section 3(c) of the GPL, you must accompany the information
#  found in this header with any distribution you make of this Program.
#  ------------------------------------------------------------------------
##############################################################################


if(description)
{
 script_id(601350); 
 script_bugtraq_id(21829);
 script_cve_id("CVE-2007-0015");
 script_copyright(english:"Copyright (C) 2007 OS2A");
 script_version("$Revision: 1.1 $");
 script_category(ACT_GATHER_INFO);
 script_family(english:"Misc.");
 script_name(english:"Apple Quicktime RTSP URL Handling BoF Vulnerability (Windows)");
 script_summary(english:"Check for vulnerable version of Apple QuickTime Player");
 desc["english"] = "
 Overview : This host has Apple QuickTime Player installed which is prone to
 buffer overflow vulnerability.

 This issue is due to stack overflow error when handling a malformed rtsp
 URL (rtsp:// [random] + colon + [299 bytes padding + payload]).
 
 Impact : Successful exploitation could allow remote attackers to execute
 arbitrary commands by tricking a user into visiting a specially crafted web
 page or using either HTML, Javascript or a QTL file as attack vector.
 
 Scope of impact is limited to system level.

 Affected Software : Apple QuickTime Player version 7.1.3 and prior.

 Affected Platform : Windows and Mac OS X.

 Solution : No vendor supplied patch/update is available as on 3rd Jan 2007.
 Information regarding this issue will be updated once the solution details are
 available.
 For updates refer, http://www.apple.com/quicktime/download/

 References : http://projects.info-pull.com/moab/MOAB-01-01-2007.html
 
 CVSS Score :
	CVSS Base Score     : 6.8 (AV:R/AC:H/Au:NR/C:P/I:P/A:C/B:A)
	CVSS Temporal Score : 6.1
 Risk factor : Medium";
 script_description(english:desc["english"]);
 script_dependencies("os2a_quicktime_mul_vuln_600567.nasl");
 script_require_keys("Apple/QuickTime/Version");
 exit(0);
}


 quicktimeVer = get_kb_item("Apple/QuickTime/Version");
 if(quicktimeVer)
 {
        if(egrep(pattern:"^([0-6]\..*|7\.(0(\..*)?|1(\.[0-3])?)$)",
		 string:quicktimeVer)){
                security_hole(0);
        }
 }