Apple.Quicktime.Panorama.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer-overflow vulnerability in Apple QuickTime.
The vulnerability occurs when processing "panorama sample atoms" in QuickTime Virtual Reality (QTVR) movie files. A remote attacker can exploit this vulnerability by tricking the target user into opening a crafted movie file. Successful exploitation may lead to arbitrary code execution in the security context of the logged in user.
Affected Products
Apple Computer - Mac OS X (10.3.9)
Apple Computer - Mac OS X (10.4.9)
Apple Computer - Mac OS X (10.5)
Apple Computer - Quicktime (prior to 7.3)
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Update to version 7.3.
QuickTime 7.3 for Leopard:
http://www.apple.com/support/downloads/quicktime73forleopard.html
/>QuickTime 7.3 for Tiger:
http://www.apple.com/support/downloads/quicktime73fortiger.html
QuickTime 7.3 for Panther:
http://www.apple.com/support/downloads/quicktime73forpanther.html
QuickTime 7.3 for Windows:
http://www.apple.com/support/downloads/quicktime73forwindows.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |