Intrusion Prevention

Apple.QuickTime.crgn.Atom.Parsing.Heap.Overflow

Description

This indicates an attack attempt against a heap-based buffer-overflow vulnerability in Apple QuickTime on Windows.
The vulnerability is due to the software's inability to handle malformed Clipping Region (CRGN) atom types in a QuickTime movie file. A remote attacker may exploit this by sending a specially crafted movie file.

Affected Products

Apple QuickTime before 7.6.2

Impact

System compromise or denial of service.

Recommended Actions

Please refer to the vendor's web site for updates or patches:
http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html

CVE References

CVE-2009-0954