Exploitation Summary
CVE-2007-6166 has been observed exploited in the wild (reported by VulnCheck KEV).
EIP tracks 10 public exploits from researchers including Metasploit, jacky, and krafty, among them the Metasploit module exploits/windows/misc/apple_quicktime_rtsp_response.
AI-analyzed exploit summary: This is a Metasploit module exploiting a buffer overflow in QuickTime's RTSP Content-Type header handling (CVE-2007-6166). It targets multiple Mac OS X and QuickTime versions, using architecture-specific return addresses and heap manipulation techniques to achieve remote code execution.
Description
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
Exploits (10)
This is a Metasploit module exploiting a buffer overflow in QuickTime's RTSP Content-Type header handling (CVE-2007-6166). It targets multiple Mac OS X and QuickTime versions, using architecture-specific return addresses and heap manipulation techniques to achieve remote code execution.
This Metasploit module exploits a stack buffer overflow in Apple QuickTime 7.3 via an overly long RTSP response header. It sends a crafted RTSP response to trigger arbitrary code execution on the target system.
This Perl script exploits a buffer overflow vulnerability in Apple QuickTime 7.2/7.3 via a malformed RTSP response. It crafts a payload with a NOP sled, shellcode, and SEH bypass to achieve remote code execution.
This exploit targets a buffer overflow vulnerability in Safari + QuickTime <= 7.3 via a maliciously crafted RTSP Content-Type header. It uses heap spraying and shellcode execution to bind a shell on port 4444.
This exploit targets a stack-based buffer overflow in QuickTime's RTSP response handling via a crafted playlist file and heap spray. It achieves remote code execution on Windows systems running IE 6/7 and QuickTime 7.2/7.3.
This exploit targets a buffer overflow vulnerability in Apple QuickTime Player via a maliciously crafted RTSP response. It includes shellcode for a bind shell on port 4444 and is designed to work across multiple versions of QuickTime and browsers.
This exploit targets a buffer overflow vulnerability in Apple QuickTime (CVE-2007-6166) via a malformed RTSP response, leading to SEH overwrite and remote code execution on Windows Vista and XP SP2. It includes shellcode and bypasses SafeSEH by leveraging non-ASLR modules like QuickTimeStreaming.qtx.
This exploit targets a buffer overflow vulnerability in Apple QuickTime 7.3 via a malformed RTSP response. It overwrites the SEH (Structured Exception Handler) to trigger an access violation, demonstrating the potential for remote code execution.
This Metasploit module exploits a stack buffer overflow in Apple QuickTime 7.3 via an overly long RTSP response header, allowing arbitrary code execution. The exploit crafts a malicious RTSP response with a long 'Content-Type' header to trigger the overflow and includes a payload for remote code execution.
This Metasploit module exploits a stack-based buffer overflow in Apple QuickTime before version 7.3.1 via an overly long RTSP response. It includes multiple targets for different macOS and QuickTime versions, leveraging return-oriented programming (ROP) techniques for code execution.