1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Apple QuickTime CVE-2012-3753 2

Web Attack: Apple QuickTime CVE-2012-3753 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a stack based buffer overflow vulnerability in Apple Quicktime which could result in remote code execution or cause a denial-of-service.

Additional Information

Apple QuickTime is prone to multiple vulnerabilities that may allow remote attackers to execute arbitrary code. These issues arise when the application handles specially crafted files. Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions.

Affected

  • Versions prior to QuickTime 7.7.3 are vulnerable on Windows 7, Vista and XP.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube