CVE-2010-3792

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions 10.6.x through 10.6.4 Apple QuickTime (affected versions not specified)

Description The issue is related to an integer signedness error in QuickTime, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted MPEG movie file. This can lead to an application crash.

Recommendations For Apple Mac OS X versions 10.6.x through 10.6.4, update to version 10.6.5 or later to resolve the issue. At the moment, there is no information about a specific fix for Apple QuickTime, consider restricting the use of QuickTime to minimize the risk of exploitation.