Intrusion Prevention

Apple.QuickTime.udta.Atom.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Apple QuickTime.
The vulnerability is caused by an error when the vulnerable software handles
a malicious "udta" atom. It allows remote attackers to execute arbitrary code via a crafted QuickTime movie.

Affected Products

Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.0
Apple QuickTime Player 6.5.2
Apple QuickTime Player 6.5.1
Apple QuickTime Player 6.5
Apple QuickTime Player 6.1
Apple QuickTime Player 6

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to QuickTime version 7.1,available from the web site:
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09374&cat= 1&platform=osx&method=sa/mac.html

CVE References

CVE-2006-1460