« Back to list
|Threat Type ||Propagation Methods ||Systems Affected ||Risk Level |
| || || |
- Windows NT
- Windows XP
- Windows 2000
- Windows 95/98/ME
Apple QuickTime is prone to a heap-based buffer overflow vulnerability.
The vulnerability is caused due to a flaw exists within QuickTimeAuthoring.qtx during the parsing of DELTA_FLI chunks stored within a malformed '.fli' file. The application trusts a user-supplied length for decompression which can be modified to copy more data that leading to a buffer overflow. By persuading a victim to visit a crafted FLC file, a remote attacker could exploit this vulnerability to cause the application to crash or execute arbitrary code on the system with the privileges of the victim.
Affected: Apple QuickTime Player < 7.6.6
Back to Top