Intrusion Prevention

Apple.QuickTime.SMIL.qtnext.File.Execution

Description

This indicates an attempt to exploit a vulnerability in Apple QuickTime.
The vulnerability is due to a lack of sanity checking on the qt:next attribute of SMIL texts that are embedded in videos. A remote attacker may exploit this to execute arbitrary code.

Affected Products

Apple QuickTime before 7.5.

Impact

System Compromise: Remote attackers can run arbitrary programs.

Recommended Actions

Apply the update, available from the following website:
http://support.apple.com/kb/HT1222

CVE References

CVE-2008-1585