Apple QuickTime File Processing Remote Code Execution Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 3 Jun 2009 4761 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in Apple QuickTime, which could be exploited by remote attackers to take complete control of an affected system. These issues are caused by memory corruption, heap overflow, sign extension, and uninitialized memory access errors when processing specially crafted Sorenson 3 video files, FLC compression files, compressed PSD images, PICT images, Clipping Region (CRGN) atom types in a movie file, MS ADPCM encoded audio data, image description atoms, movie files or JP2 images, which could be exploited by remote attackers to crash an affected application or execute malicious code by tricking a user into visiting a specially crafted web page or opening a malformed file.

Impact

  • Remote Code Execution

System / Technologies affected

  • Apple QuickTime versions prior to 7.6.2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apple iTunes "itms:" URI Handling Remote Buffer Overflow Vulnerability

3 Jun 2009 4845 Views

Next

ACDSee Products TIFF and Font Parsing Buffer Overflow Vulnerabilities

4 Jun 2009 4821 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY