The vulnerability exists within the QuickTimeVR.qtx component when processing a QTVRStringAtom having an overly large "stringLength" parameter. This can be exploited to cause a based buffer overflow and execute arbitrary code under the context of the user running the application.
This update adds support for Internet Explorer 6 and 8 and bypass DEP.
Also allows to send the mov file by email to open it directly with QuickTimePlayer.
This update adds support for Internet Explorer 6 and 8 and bypass DEP.
Also allows to send the mov file by email to open it directly with QuickTimePlayer.
CVE Link
Exploit Type - Old
Exploits/Client Side
Exploit Platform
Exploit Type
Product Name