Intrusion Prevention



This indicates an attempt to exploit a code injection vulnerability in Apple QuickTime.
The vulnerability allows remote attackers to cause arbitrary code to be injected and executed via an invalid "Atom size" field in a .QTIF image file. The code is executed in the security context of the current user.

Affected Products

prior to Apple QuickTime Player 7.4.


System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to Apple QuickTime Player 7.4.

CVE References