Intrusion Prevention

Apple.QuickTime.PICT.Opcode.Memory.Corruption

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in Apple QuickTime.
The vulnerability occurs in quickTime.qts. An attacker may exploit this by using specially crafted ".pict" files to execute arbitrary code.

Affected Products

Apple QuickTime Player 7.4.1
Apple QuickTime Player 7.3.1 .70
Apple QuickTime Player 7.3.1
Apple QuickTime Player 7.1.6
Apple QuickTime Player 7.1.5
Apple QuickTime Player 7.1.4
Apple QuickTime Player 7.1.3
Apple QuickTime Player 7.1.2
Apple QuickTime Player 7.1.1
Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.4
Apple QuickTime Player 7.4
Apple QuickTime Player 7.3
Apple QuickTime Player 7.2
Apple QuickTime Player 7.1

Impact

System Compromise.
Denial of Service.

Recommended Actions

Upgrade to the latest version of Apple QuickTime (7.4.5 or later):
http://support.apple.com/kb/HT1241.

CVE References

CVE-2008-1019