Intrusion Prevention

Apple.QuickTime.Player.Logging.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in
Apple QuickTimeStreaming.qtx.
This vulnerability is due to the vulnerable software's inability to properly handle malformed movie files. Successful exploit attempts will likely cause the program to crash, resulting in a denial of service condition.

Affected Products

Apple QuickTime Player 7.6.6 (1671)
Apple QuickTime Player 7.6.6
Apple QuickTime Player 7.6.5
Apple QuickTime Player 7.6.4
Apple QuickTime Player 7.6.2
Apple QuickTime Player 7.6.1
Apple QuickTime Player 7.5.5
Apple Mac OS X 10.4.9
Apple Mac OS X 10.3.9
Apple Mac OS X 10.5
Apple Mac OS X Server 10.4.9
Apple Mac OS X Server 10.3.9
Apple Mac OS X Server 10.5
Apple QuickTime Player 7.4.5
Apple Mac OS X 10.4.9
Apple Mac OS X 10.3.9
Apple Mac OS X 10.5
Apple Mac OS X Server 10.4.9
Apple Mac OS X Server 10.3.9
Apple Mac OS X Server 10.5
Apple QuickTime Player 7.4.1
Apple QuickTime Player 7.3.1 .70
Apple QuickTime Player 7.3.1
Apple QuickTime Player 7.1.6
Apple QuickTime Player 7.1.5
Apple QuickTime Player 7.1.4
Apple QuickTime Player 7.1.3
Apple QuickTime Player 7.1.2
Apple QuickTime Player 7.1.1
Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.0
Apple QuickTime Player 7.6
Apple QuickTime Player 7.5
Apple QuickTime Player 7.4
Apple QuickTime Player 7.3
Apple QuickTime Player 7.2
Apple QuickTime Player 7.1

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the following website:
http://www.apple.com/quicktime/download/

CVE References

CVE-2010-1799