Intrusion Prevention

Apple.QuickTime.HREFTrack.Cross.Zone.Scripting

Description

It indicates a possible exploit of a Cross-Zone Scripting vulnerability in Apple Quicktime.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted MOV file. A remote attacker may be able to exploit this to execute arbitrary script code within the context of the application, via a crafted MOV file.

Affected Products

QuickTime 7.1.3 and prior.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the Web site:
http://www.apple.com/quicktime/.

CVE References

CVE-2007-0059