CVEs-PoC/2007/CVE-2007-6166.md

### [CVE-2007-6166](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6166)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.

### POC

#### Reference
- http://securityreason.com/securityalert/3410
- http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control
- https://www.exploit-db.com/exploits/4648
- https://www.exploit-db.com/exploits/6013

#### Github
No PoCs found on GitHub currently.