Apple QuickTime Prior To 7.7.1 Movie File Handling Remote Code Execution Vulnerability

Apple QuickTime is prone to a remote code-execution vulnerability due to a signedness issue.

The problem occurs when handling a specially crafted movie file. Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts may cause denial-of-service conditions.

Versions prior to QuickTime 7.7.1 are vulnerable on Windows 7, Vista, and XP.

NOTE: This issue was previously discussed in BID 50388 (Apple QuickTime Prior To 7.7.1 Multiple Arbitrary Code Execution Vulnerabilities) but has been given its own record to better document it.


 

Privacy Statement
Copyright 2010, SecurityFocus