Affected configuration(s):
cpe:/a:apple:quicktime:7.0.0
cpe:/a:apple:quicktime:7.0.1
cpe:/a:apple:quicktime:7.0.2
cpe:/a:apple:quicktime:7.0.3
cpe:/a:apple:quicktime:7.0.4
cpe:/a:apple:quicktime:7.1.0
cpe:/a:apple:quicktime:7.1.1
cpe:/a:apple:quicktime:7.1.2
cpe:/a:apple:quicktime:7.1.3
cpe:/a:apple:quicktime:7.1.4
cpe:/a:apple:quicktime:7.1.5
cpe:/a:apple:quicktime:7.1.6
cpe:/a:apple:quicktime:7.2.0
cpe:/a:apple:quicktime:7.2.1
cpe:/a:apple:quicktime:7.3.0
cpe:/a:apple:quicktime:7.3.1
cpe:/a:apple:quicktime:7.3.1.70
cpe:/a:apple:quicktime:7.4.0
cpe:/a:apple:quicktime:7.4.1
cpe:/a:apple:quicktime:7.4.5
cpe:/a:apple:quicktime:7.5.0
cpe:/a:apple:quicktime:7.5.5
cpe:/a:apple:quicktime:7.6.0
cpe:/a:apple:quicktime:7.6.1
cpe:/a:apple:quicktime:7.6.2
cpe:/a:apple:quicktime:7.6.5
cpe:/a:apple:quicktime:7.6.6
cpe:/a:apple:quicktime:7.6.7
cpe:/a:apple:quicktime:7.6.8
cpe:/a:apple:quicktime:7.6.9
cpe:/a:apple:quicktime:7.7.0
cpe:/a:apple:quicktime:7.7.1
cpe:/a:apple:quicktime:7.7.2
cpe:/a:apple:quicktime:7.7.3
cpe:/a:apple:quicktime:7.7.4
cpe:/a:apple:quicktime:7.60.92.0
cpe:/a:apple:quicktime:7.62.14.0
cpe:/a:apple:quicktime:7.64.17.73
cpe:/a:apple:quicktime:7.65.17.80
cpe:/a:apple:quicktime:7.66.71.0
cpe:/a:apple:quicktime:7.67.75.0
cpe:/a:apple:quicktime:7.68.75.0
cpe:/a:apple:quicktime:7.69.80.9
cpe:/a:apple:quicktime:7.70.80.34
cpe:/a:apple:quicktime:7.71.80.42
Date published: 2014-02-26T20:55:03.663-05:00
Date last modified: 2014-03-10T13:40:43.907-04:00
CVSS Score: 9.3
Principal attack vector: NETWORK
Complexity: MEDIUM
Reference URL: http://support.apple.com/kb/HT6150
Summary: Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file.