Apple QuickTime QDM2 and QDCA Encoded Audio Content (CVE-2010-0059) Memory Corruption Vulnerability

Apple QuickTime is prone to a memory-corruption vulnerability when parsing QDM2 and QDCA encoded audio data.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

NOTE: This issue was previously covered in BID 39020 (Apple Mac OS X APPLE-SA-2010-03-29-1 Multiple Security Vulnerabilities) but has been assigned its own record to better document it.


 

Privacy Statement
Copyright 2010, SecurityFocus