CVE-2008-3627

Name of the Vulnerable Software and Affected Versions Apple QuickTime versions prior to 7.5.5

Description The issue arises from improper handling of certain atoms in video files, specifically (1) MDAT atoms in MP4 video files, (2) MDAT atoms in mov video files, and (3) AVC1 atoms in an unknown media type. This can be exploited by remote attackers using crafted, H.264 encoded movie files, potentially leading to arbitrary code execution or a denial of service due to heap corruption and application crash.

Recommendations For Apple QuickTime versions prior to 7.5.5, update to version 7.5.5 or later to resolve the issue. As a temporary workaround, consider avoiding the use of H.264 encoded movie files until the update is applied.