Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Apple Quicktime 7.1.6
Apple Quicktime 7.0
Apple Quicktime 7.1
Apple Quicktime 5.0.2
Apple Quicktime 7.2
Apple Quicktime 5.0.1
Apple Quicktime 7.0.0
Apple Quicktime 7.5.5
Apple Quicktime 7.1.1
Apple Quicktime 7.1.0
Apple Quicktime 7.3.1
Apple Quicktime 7.1.3
Apple Quicktime 7.3.0
Apple Quicktime 7.1.2
Apple Quicktime 6.5
Apple Quicktime 6.5.0
Apple Quicktime 6.3.0
Apple Quicktime 6.1.1
Apple Quicktime 7.3.1.70
Apple Quicktime 7.6.7
Apple Quicktime 6.1.0
Apple Quicktime 7.6.8
Apple Quicktime 7.6.9
Apple Quicktime 7.6.0
Apple Quicktime 7.4.1
Apple Quicktime 7.6.1
Apple Quicktime 7.6.2
Apple Quicktime 6.0
Apple Quicktime 6.1
Apple Quicktime 7.7 (not an official CPE)
Apple Quicktime 7.4.5
Apple Quicktime 7.6.5
Apple Quicktime 7.6.6
Apple Quicktime 3.0
Apple Quicktime 5.0
Apple Quicktime 7.2.0
Apple Quicktime 7.0.2
Apple Quicktime 7.0.1
Apple Quicktime 7.4.0
Apple Quicktime 7.0.4
Apple Quicktime 7.2.1
Apple Quicktime 7.0.3
Apple Quicktime 7.3
Apple Quicktime 7.4
Apple Quicktime 6.4.0
Apple Quicktime 6.2.0
Apple Quicktime 6.0.2
Apple Quicktime 7.1.4
Apple Quicktime 7.1.5
Apple Quicktime 7.5.0
Apple Quicktime 6.0.0
Apple Quicktime 6.0.1
Apple Quicktime 4.1.2
Apple Quicktime 6.5.1
Apple Quicktime 6.5.2
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| http://support.apple.com/kb/HT5130 | |||
| http://support.apple.com/kb/HT5016 | |||
| APPLE-SA-2012-02-01-1 |