CVE-2007-6166

Name of the Vulnerable Software and Affected Versions Apple QuickTime versions prior to 7.3.1

Description The issue is a stack-based buffer overflow that allows remote attackers to execute arbitrary code. This is achieved via a long Real Time Streaming Protocol (RTSP) Content-Type header in an RTSP response. The estimated number of potentially affected devices and details about real-world incidents are not specified.

Recommendations For Apple QuickTime versions prior to 7.3.1, update to version 7.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to RTSP servers to minimize the risk of exploitation. Avoid using the Content-Type header in RTSP responses until the issue is resolved.