Intrusion Prevention

Apple.QuickTime.Data.Field.Code.Execution

Description

Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field.

Affected Products

Apple Quicktime before 7.0.4

Impact

Gain access.

Recommended Actions

Upgrade to the latest version of QuickTime (7.0.4 later), available from the Apple Security Updates Web page. See References.

CVE References

CVE-2005-2340