CVE-2010-0529

Name of the Vulnerable Software and Affected Versions Apple QuickTime versions prior to 7.6.6

Description The issue is related to a heap-based buffer overflow in Apple QuickTime, which allows remote attackers to execute arbitrary code or cause a denial of service, resulting in an application crash. This can be achieved via a crafted PICT image, specifically one with a BkPixPat opcode (0x12) containing crafted values used in a calculation for memory allocation.

Recommendations For versions prior to 7.6.6, update to version 7.6.6 or later to resolve the issue. As a temporary workaround, consider avoiding the use of PICT images with BkPixPat opcodes until the update is applied. Restrict access to potentially malicious PICT images to minimize the risk of exploitation.