Apple QuickTime Color Table ID Heap Overflow Vulnerability

Apple QuickTime Color Table ID Heap Overflow Vulnerability

QuickTime is prone to a heap-overflow vulnerability because it fails to perform adequate bounds checking on user-supplied data.

An attacker can exploit this vulnerability to corrupt heap memory and execute arbitrary code in the context of the user running the application. Failed exploit attempts will likely cause denial-of-service conditions.

QuickTime 7.1.3 is vulnerable; other versions may also be affected.

This issue was previously discussed in BID 22827 (Apple QuickTime Multiple Unspecified Code Execution Vulnerabilities), but has been assigned its own record because of new information.