Apple.QuickTime.chan.Atom.Parsing.Heap.Corruption
Description
This indicates a possible attempt to exploit a remote Code Execution vulnerability in Apple Quicktime.
The vulnerability is in the parsing code of the QuickTime Channel Compositor atom. When the movie file contains a malformed 'chan' atom, heap corruption occurs, allowing for possible execution of arbitrary code in the context of the application by a remote attacker.
Affected Products
Apple Quicktime version 7.4.1 and above.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apple has issued an update to correct this vulnerability. More
details can be found at:
http://support.apple.com/kb/HT1241
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |