Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a buffer overflow vulnerability in the Apple QuickTime Player. Apple QuickTime has a buffer overflow vulnerability in parsing the specially crafted TGA image files. This is due to application failure to sanitize the parameter ImageWidth value while parsing TGA image files. A remote attacker could construct a web page with a specially crafted TGA file and entice a victim to view it, when the user opens the TGA image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to potential arbitrary command execution.
7f7c93d74581c8bf0e5a052e5abee464179161e6e4b50965e105653b5072be4c