• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Apple QuickTime/iTunes QuickTime.QTS Heap Overflow Vulnerability

A heap-based buffer overflow vulnerability has been reported in Apple QuickTime and iTunes. This issue affects both Mac OS X and Microsoft Windows releases of the software.

This issue may be triggered when the application processes a malformed movie (.MOV) file.

Successful exploitation will result in execution of arbitrary code in the context of the currently logged in user.

This issue affects Apple QuickTime 7.0.3 and iTunes 6.0.1. Earlier versions may also be affected.