Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow.

Date published : 2009-01-21

http://lists.apple.com/archives/security-announce/2009/Jan/msg00000.html

http://www.securityfocus.com/bid/33388

Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a Cinepak encoded movie file with a crafted MDAT atom that triggers a heap-based buffer overflow.

Date published : 2009-01-21

http://lists.apple.com/archives/security-announce/2009/Jan/msg00000.html

http://www.securityfocus.com/bid/33388