Short Name |
HTTP:STC:DL:QT-PV-GIF |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Apple QuickTime PictureViewer GIF Rendering Vulnerability |
Release Date |
2011/06/30 |
Update Number |
1948 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
A vulnerability exists in the Apple QuickTime PictureViewer GIF processing component. The vulnerability is a result of a failure in the application to properly validate the LZW code size parameter of the GIF image. A remote attacker can exploit the vulnerability by enticing the target user to open a malicious GIF file, causing a denial of service. Not available.
PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers to cause a denial of service (application crash) via a GIF image with the maximum depth start value, possibly triggering an integer overflow.