{"vuid":"VU#148564","idnumber":"148564","name":"Apple QuickTime/Darwin Streaming Server integer overflow in MP3Broadcaster utility","keywords":["Apple","QuickTime","Darwin Streaming Server","integer","MP3Broadcaster utility"],"overview":"Apple's QuickTime and Darwin Streaming Server (DSS) package includes a utility called MP3Broadcaster. This utility contains an integer overflow which may be exploited to cause a denial of service.","clean_desc":"Apple's QuickTime and Darwin Streaming Server is software which provides integrated distribution of various forms of digital content. Such content can be delivered over a network using Real-Time Transport Protocol (RTP) and Real-Time Streaming Protocol (RTSP). Streaming media content can include files encoded in QuickTime, MPEG, and MP3 formats. A utility package called MP3Broadcaster contains an integer overflow vulnerability. Like buffer overflows, an integer overflow may be exploited to cause affected software to crash. Under certain circumstances, an integer overflow has the potential to allow an attacker to execute arbitrary code, but in this case that does not appear possible. The integer overflow in MP3Broadcaster in DSS 4.1.3 is triggered when parsing malformed ID3 tags within crafted MP3 files. This vulnerability only has the potential to be exploited by remote attackers if they can get vulnerable servers to parse malicious MP3 files (i.e., by uploading a file).","impact":"Exploitation of this vulnerability may lead to denial of service.","resolution":"The CERT/CC is currently unaware of a practical solution to this problem.","workarounds":"Ensure unauthenticated remote broadcasts are disabled.","sysaffected":"","thanks":"Sir Mordred\n reported this vulnerability in several public forums.","author":"This document was written by Jeffrey S. Havrilla.","public":["http://securitytracker.com/alerts/2003/May/1006822.html","http://www.securityfocus.com/bid/7660","http://www.iss.net/security_center/static/12054.php"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2003-05-22T20:47:09Z","publicdate":"2003-05-22T00:00:00Z","datefirstpublished":"2003-12-23T16:01:32Z","dateupdated":"2003-12-23T16:01:52Z","revision":10,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"8","cam_impact":"17","cam_easeofexploitation":"8","cam_attackeraccessrequired":"10","cam_scorecurrent":"4.692","cam_scorecurrentwidelyknown":"4.692","cam_scorecurrentwidelyknownexploited":"8.772","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":4.692,"vulnote":null}