Intrusion Prevention

Apple.QuickTime.udta.Atom.Integer.Overflow

Description

This indicates an attack attempt against an integer overflow in Apple QuickTime which may cause a denial of service or possibly arbitrary code execution by sending a crafted QuickTime movie.

Affected Products

Apple QuickTime Player 7.1.4
Apple QuickTime Player 7.1.3
Apple QuickTime Player 7.1.2
Apple QuickTime Player 7.1.1
Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.0
Apple QuickTime Player 6.5.2
Apple QuickTime Player 6.5.1
Apple QuickTime Player 6.5
Apple QuickTime Player 6.1
Apple QuickTime Player 5.0.2
Apple QuickTime Player 7.1
Apple QuickTime Player 6

Impact

Denial of Service: Remote attackers can crash vulnerable systems.
System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to Apple QuickTime Player 7.1.5.
http://www.apple.com/quicktime/download/

CVE References

CVE-2007-0714