Release DateJan 07, 2010 |
Severitycritical |
ImpactSystem compromise or denial of service |
DescriptionThis indicates a possible attack against a heap-based buffer-overflow vulnerability in Apple QuickTime.The vulnerability is due to the way the application parses PICT files. A remote attacker may exploit this by sending a crafted PICT image. |
Affected ProductsApple QuickTime before 7.6.2 |
Recommended ActionsPlease refer to the vendor's advisory for updates or patches:http://support.apple.com/kb/HT3591 |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-0953 |
Reference/shttp://www.zerodayinitiative.com/advisories/ZDI-09-027/http://www.securityfocus.com/bid/35164 (BugTraq) |
