Intrusion Prevention

Apple.QuickTime.stsd.Atom.Buffer.Overflow

Description

This indicates a possible exploit of a Heap Buffer Overflow vulnerability in Apple Quicktime.
This issue is caused by an error when handling "MOV" files with malformed STSD atom. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted "MOV"file.

Affected Products

Apple Computer QuickTime prior to 7.3
Apple Computer Mac OS X 10.3.9
Apple Computer Mac OS X 10.4.9
Apple Computer Mac OS X 10.5

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's website for suggested workaround.
http://docs.info.apple.com/article.html?artnum=306896

CVE References

CVE-2007-3750 CVE-2007-0754