Apple.QuickTime.chan.Atom.Parsing.Heap.Corruption

description-logoDescription

This indicates a possible attempt to exploit a remote Code Execution vulnerability in Apple Quicktime.
The vulnerability is in the parsing code of the QuickTime Channel Compositor atom. When the movie file contains a malformed 'chan' atom, heap corruption occurs, allowing for possible execution of arbitrary code in the context of the application by a remote attacker.

affected-products-logoAffected Products

Apple Quicktime version 7.4.1 and above.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apple has issued an update to correct this vulnerability. More
details can be found at:
http://support.apple.com/kb/HT1241

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)