Apple QuickTime/iTunes QuickTime.QTS Heap Overflow Vulnerability

info
discussion
exploit
solution
references

Apple QuickTime/iTunes QuickTime.QTS Heap Overflow Vulnerability

The following example files were provided to demonstrate the vulnerability by crashing the application:

http://www.security-protocols.com/poc/sp-x21-1.mov <- crashes QuickTime
http://www.security-protocols.com/poc/sp-x21-2.mov <- crashes iTunes and QuickTime

Symantec has not tested the integrity of these files.