PROBLEM:
Apple QuickTime is prone to multiple stack-based buffer-overflow vulnerabilities.
PLATFORM:
Version(s): prior to 7.7.2
ABSTRACT:
Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
Reference links:
Vendor Advisory
Security Focus ID 53571
CVE-2012-0663
IMPACT ASSESSMENT:
Medium
Discussion:
These issues arise when the application handles specially crafted files. Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions.Versions prior to
QuickTime 7.7.2 are vulnerable on Windows 7, Vista and XP.
Impact:
Denial of service, executtion of arbitrary code
Solution:
Download the newest verstion of Quicktime at Apple Downloads