Fortinet Discovers Vulnerability in Apple QuickTime Player
Fortinet's FortiGuard Labs has discovered an integer overflow vulnerability in Apple QuickTime Player.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Nov 08, 2010
Users should apply the solution provided by Apple.
The vulnerability exists due to improper bounds checking, which is located in Quicktime.qts. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.
Honggang Ren of Fortinet's FortiGuard Labs