CVE-2002-0252
Description
Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote arbitrary code execution via a long Content-Type header.
Vulnerability
Apple QuickTime Player versions 5.01 and 5.02 are affected by a buffer overflow vulnerability [1]. The flaw occurs when processing an HTTP response with a Content-Type MIME header that exceeds a certain length. This code path is reachable when QuickTime retrieves media from a remote web server.
Exploitation
An attacker can host a malicious web server that sends a crafted HTTP response containing an overly long Content-Type header. The victim only needs to establish a connection (e.g., by browsing a page that triggers QuickTime content). No authentication or user interaction beyond navigation is required. The overflow corrupts memory, potentially allowing control of the program flow.
Impact
Successful exploitation enables arbitrary code execution in the context of the QuickTime Player process. This can lead to full system compromise, including data theft, installation of malware, or further network pivoting. The impact is high because remote code execution requires little user interaction.
Mitigation
No official patch or workaround is disclosed in the provided references [1]. Users should upgrade to the latest version of QuickTime or consider using alternative media players. Apple may have addressed this in later versions; consult security advisories from Apple.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*
- Range: 5.01, 5.02
Patches
No patches discovered yet.
References
- www.securityfocus.com/bid/4064 (nvd: Exploit, Patch, Vendor Advisory)
- marc.info (nvd)
- www.iss.net/security_center/static/8126.php (nvd)
- www.exploit-db.com/exploits/4673 (nvd)