Intrusion Prevention

Apple.QuickTime.Pictureviewer.JP2.DoS

Description

This indicates an attack attempt against a buffer overflow vulnerability in Apple Quicktime Pictureviewer.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted JP2 file. It allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted jp2 file.

Affected Products

Mac OS X v10.5.8, Mac OS X Server v10.5.8

Impact

Denial of service

Recommended Actions

Apply the patch supplied by the vendor:
http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html

CVE References

CVE-2010-3788