CVE-2014-1244

Name of the Vulnerable Software and Affected Versions Apple QuickTime versions prior to 7.7.5

Description The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted movie file with H.264 encoding. This is related to a buffer overflow in the handling of the stsz Atom.

Recommendations For versions prior to 7.7.5, update to version 7.7.5 or later to resolve the issue. As a temporary workaround, consider avoiding the use of H.264 encoded movie files until the update is applied.