Fortinet Discovers QuickTime Player Vulnerability
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in QuickTime Player.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released May 24, 2011
Users should apply the solution provided by Apple.
The vulnerability can be triggered when opening a maliciously crafted QTVR file that contains a malformed field. It could allow a remote attacker to execute arbitrary code on the affected system.
Honggang Ren of Fortinet's FortiGuard Labs