CVE-2008-3625

Name of the Vulnerable Software and Affected Versions Apple QuickTime versions prior to 7.5.5

Description A stack-based buffer overflow issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted QuickTime Virtual Reality (QTVR) movie file. The issue is triggered by maxTilt, minFieldOfView, and maxFieldOfView elements in panorama track PDAT atoms.

Recommendations For versions prior to 7.5.5, update to version 7.5.5 or later to resolve the issue. As a temporary workaround, consider avoiding the use of QTVR movie files with crafted maxTilt, minFieldOfView, and maxFieldOfView elements in panorama track PDAT atoms until the update is applied.