CVE-2005-2340

Name of the Vulnerable Software and Affected Versions Apple Quicktime versions prior to 7.0.4

Description The issue is related to a heap-based buffer overflow that allows remote attackers to execute arbitrary code via crafted image files, including QuickTime Image File (QTIF), PICT, or JPEG format images with long data fields. Specifically, QuickTime fails to validate certain boundaries within PICT files, resulting in a stack or heap overflow. This can lead to arbitrary code execution, causing a loss of integrity.

Recommendations For Apple Quicktime versions prior to 7.0.4, update to version 7.0.4 or later to resolve the issue. As a temporary workaround, consider avoiding the use of PICT files or restricting access to specially crafted image files until the update is applied.