Release date:
Updated on:
Affected Systems:
Apple QuickTime Player 7.x
Unaffected system:
Apple QuickTime Player 7.7.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 53577
Cve id: CVE-2012-0666
QuickTime is a multimedia architecture developed by Apple Computer. It can process many digital videos, media paragraphs, sound effects, text, animations, music formats, and interactive panoramic images.
The plug-in earlier than Apple QuickTime 7.7.2 on Windows has a stack overflow security vulnerability when processing specially crafted QTMovie files, which allows remote attackers to execute arbitrary code or cause DOS.
<* Source: Chkr_d591
Link: http://secunia.com/advisories/47447/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Apple
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://support.apple.com/