Intrusion Prevention

Apple.QuickTime.IV32.Codec.Parsing.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Apple QuickTime.
The vulnerability is caused by an error when the vulnerable software parses a crafted tag. It allows a remote attacker to execute arbitrary code via sending a malicious file.

Affected Products

Before QuickTime 7.5.5.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to the latest version, available from the following web site:
http://www.apple.com/support/downloads/

CVE References

CVE-2008-3635