Intrusion Prevention

Apple.QuickTime.Clipping.Region.Heap.Overflow

Description

This indicates an attempt to exploit a heap overflow vulnerability in Apple Quicktime.
The vulnerability can be triggered when parsing .mov file 'crgn' atoms, resulting in a heap based buffer overflow. Viewing a maliciously crafted MOV image may lead to arbitrary code execution.

Affected Products

Apple Quicktime 7.4.1 or prior.

Impact

System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version of QuickTime, 7.4.5.

CVE References

CVE-2008-1017