[48bits Advisory] QuickTime Panorama Sample Atom Heap Overflow Abstract: QuickTime is prone to a heap overflow vulnerability when parsing malformed Panorama Sample Atoms, which are used in QuickTime Virtual Reality Movies. This Vulnerability allows attackers to execute code on vulnerable installations. Successful exploitation via Web Browser requires that the attacker should trick the user into visiting a specially crafted webpage. Affected versions : Tested with QuickTime VR extension 7.2.0.240 included with QuickTime Player 7.2 Patched in QuickTime 7.3 Original advisory and analysis at: http://www.48bits.com/advisories/qt_pdat_heapbof.pdf Credit : Mario Ballano from 48bits.com
