Apple.QuickTime.MJPEG.Sample.Dimensions.Code.Execution
Description
This indicates an attack attempt to exploit a code execution vulnerability in Apple QuickTime.
The vulnerability results from insecure code in the DLL responsible for parsing QuickTime media file with malformed MJPEG sample dimensions data. It can be exploited via a crafted ".mov" file leading to remote code execution.
Affected Products
QuickTime in Apple Mac OS X before 10.6.3
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround.
http://support.apple.com/kb/HT4077
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-11 | 16.995 |