CVE-2008-0778

Name of the Vulnerable Software and Affected Versions Apple QuickTime versions 7.4.1 and earlier

Description The issue is related to multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx. This can be exploited by remote attackers who send long arguments to certain methods, potentially causing a denial of service (crash) and possibly allowing the execution of arbitrary code. The methods affected include SetBgColor, SetHREF, SetMovieName, SetTarget, and SetMatrix.

Recommendations For Apple QuickTime versions 7.4.1 and earlier, update to a version later than 7.4.1 to resolve the issue.