Apple Mac OS X Quicktime 'Apple Lossless Audio Codec' Integer Overflow Vulnerability

Apple Mac OS X is prone to an integer-overflow vulnerability that occurs in QuickTime.

Successful exploits may allow attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

The following versions are affected:

Mac OS X 10.6 through v10.6.7
Mac OS X Server 10.6 through v10.6.7

NOTE: This issue was previously discussed in BID 48412 (Apple Mac OS X Prior to 10.6.8 Multiple Security Vulnerabilities) but has been given its own record to better document it.


Privacy Statement
Copyright 2010, SecurityFocus