Release DateOct 30, 2008 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a buffer overflow vulnerability in Apple QuickTime.The vulnerability is caused by an error when the vulnerable software handles PDAT atoms. It allows a remote attacker to execute arbitrary code via sending a malicious file. |
Affected ProductsQuickTime versions prior to 7.5.5. |
Recommended ActionsUpdate to the latest version, available from the following web site:http://www.apple.com/support/downloads/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2008-3625 |
Reference/shttp://www.zerodayinitiative.com/advisories/ZDI-08-058/http://www.securityfocus.com/bid/31086 (BugTraq) |
