Intrusion Prevention

Apple.QuickTime.Media.File.Processing.Command.Execution

Description

This indicates an attempt to exploit a vulnerability in Apple Quicktime versions earlier than 7.2 on Mac OS X 10.3.9 and 10.4.9. It is possible to cause an integer overflow because the software fails to check the width field in the "smil" file. This may allow a remote attacker to cause a denial of service by sending a crafted "smil" file.

Affected Products

Apple QuickTime versions prior to 7.2

Impact

Denial of service.

Recommended Actions

Apply patch, available from the Web site.
Upgrade to Apple QuickTime version 7.2 for Mac:
http://www.apple.com/support/downloads/quicktime72formac.html
Upgrade to Apple QuickTime version 7.2 for Windows:
http://www.apple.com/support/downloads/quicktime72forwindows.html