Intrusion Prevention

Apple.QuickTime.qtl.File.XAS.Remote.Exploit

Description

This indicates a command injection vulnerability in Apple QuickTime. It allows remote attackers to inject arbitrary commands via the qtnext parameter within QuickTime link (.qtl) files.

Affected Products

Apple QuickTime versions 7.x

Impact

System compromise, arbitrary command execution.

Recommended Actions

Currently we are not aware of any official fix for this issue.

CVE References

CVE-2006-4965