Intrusion Prevention

Apple.QuickTime.JPEG.2000.Marker.Size.Heap.Overflow

Description

This indicates a possible attack against a heap-based buffer-overflow vulnerability in Apple QuickTime.
The vulnerability is due to the software's inability to properly parse malformed JP2 images. A remote attacker may exploit this to execute arbitrary code or cause a denial-of-service condition.

Affected Products

Apple QuickTime before 7.6.2

Impact

System compromise or denial of service

Recommended Actions

Please refer to the vendor's advisory for detailed information:
http://support.apple.com/kb/HT3591

CVE References

CVE-2009-0957