Intrusion Prevention

Apple.QuickTime.Movie.File.Color.Table.Atom.Heap.Corruption

Description

This indicates an attempt to exploit a buffer overflow vulnerability in Apple QuickTime. This vulnerability is due to boundary errors when processing QuickTime Movie files. A remote attacker can exploit this vulnerability by enticing the target user to open a crafted QuickTime Movie file. Successful exploitation may lead to arbitrary code execution in the security context of the logged in user.

Affected Products

Apple QuickTime Player 7.1.6
Apple QuickTime Player 7.1.5
Apple QuickTime Player 7.1.4
Apple QuickTime Player 7.1.3
Apple QuickTime Player 7.1.2
Apple QuickTime Player 7.1.1
Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.0
Apple QuickTime Player 7.2
Apple QuickTime Player 7.1

Impact

System Compromise.

Recommended Actions

Upgrade to the latest version of Apple QuickTime (7.3 or later):
http://www.apple.com/quicktime/win.html.

CVE References

CVE-2007-4677