Signature Detail

HTTP: Apple QuickTime Color Table Atom Movie File Handling Heap Corruption1

There exists a memory corruption vulnerability in Apple QuickTime. The flaw is due to boundary errors when processing QuickTime Movie files. A remote attacker can exploit this vulnerability by enticing the target user to open a crafted QuickTime Movie file. Successful exploitation may lead to arbitrary code execution in the security context of the logged in user. In an attack case where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the current user. In an attack case where code injection is not successful, if the affected Apple QuickTime process will terminate abnormally.