Bugtraq mailing list archives
Re: Buffer-overflow in Quicktime Player 7.3.1.70
From: "Marcello Barnaba (void)" <vjt () openssl it>
Date: Sat, 12 Jan 2008 23:41:57 +0100
On Jan 11, 2008, at 10:14 PM, Luigi Auriemma wrote:> Now talking about you, Marcello, the problem you had is just with "your" > same computer/network, probably you have a firewall or something else (a
> "condition" as you define it) that simply makes your ports to appear > filtered/timedout and so Quicktime gives up. Yeah, you are right. Protocol switching was disabled in my Quicktime preferences. Sorry about that.. I should have checked before writing inaccurate statements here. By the way, even with "Transport setup" -> "Automatic", the software doesn't crash nor loops after reading the HTTP payload, but I really don't know why.. It merely sits there, saying "Swiching transports". Attached a full pcap dump of the session and QuickTime.app's version plist. Have fun! :) Marcello
Attachment:
version.plist
Description:
Attachment:
dump.pcap.gz
Description:
-- pub 1024D/8D2787EF 723C 7CA3 3C19 2ACE 6E20 9CC1 9956 EB3C 8D27 87EF
Current thread:
- Buffer-overflow in Quicktime Player 7.3.1.70 Luigi Auriemma (Jan 10)
- Re: Buffer-overflow in Quicktime Player 7.3.1.70 Marcello Barnaba (void) (Jan 10)
- Re: Buffer-overflow in Quicktime Player 7.3.1.70 Luigi Auriemma (Jan 11)
- Message not available
- Re: [Full-disclosure] Buffer-overflow in Quicktime Player 7.3.1.70 Luigi Auriemma (Jan 14)
- Re: Buffer-overflow in Quicktime Player 7.3.1.70 Marcello Barnaba (void) (Jan 14)
- Re: Buffer-overflow in Quicktime Player 7.3.1.70 Luigi Auriemma (Jan 11)
- Re: Buffer-overflow in Quicktime Player 7.3.1.70 Luigi Auriemma (Jan 14)
- Re: Buffer-overflow in Quicktime Player 7.3.1.70 Marcello Barnaba (void) (Jan 10)
- <Possible follow-ups>
- Re: Re: Buffer-overflow in Quicktime Player 7.3.1.70 none (Jan 11)
- Re: Buffer-overflow in Quicktime Player 7.3.1.70 str0ke (Jan 11)
- Re: Re: Buffer-overflow in Quicktime Player 7.3.1.70 snagg (Jan 14)