Apple QuickTime versions below 7.2 suffer from an integer overflow vulnerability when parsing SMIL files.
e36c02a2c04082aa2c63f8d1c8a1df4fb25b780e0fa834ce70d526c5f5c15948
Apple QuickTime versions below 7.2 SMIL integer overflow proof of concept exploit.
2f3e5a11e54dc958cbf55cdda9222ff8b5d78230cbc5a236157ad32dc19465f7
iDefense Security Advisory 07.11.07 - Remote exploitation of an integer overflow vulnerability in Apple Computer Inc.'s QuickTime media player could allow attackers to execute arbitrary code in the context of the targeted user. The vulnerability specifically exists in QuickTime players handling of the title and author fields in an SMIL file. When parsing an SMIL file, arithmetic calculations can cause insufficient memory to be allocated. When copying in user-supplied data from the SMIL file, a heap-based buffer overflow occurs. This results in a potentially exploitable condition. iDefense Labs confirmed this vulnerability exists in version 7.1.3 and 7.1.5 of QuickTime on Windows and Mac OS X. Previous versions are suspected to be vulnerable.
47414f47b8bbf7fd2ae4454d3603f79eb1ec643f41903bb5279b43ecf83e4bc7