Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.
Desbordamiento en Apple QuickTime anterior a v7.7.1 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de un archivo de película creado con codificación JPEG2000.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The flaw exists within the JP2Deco component which is used when handling an mjp2 sample. This sample format (JPEG2000) has a required COD marker segment (0xff52) followed by a COD length value. When extracting the contents of this section the application subtracts from this length before passing it into a call to memcpy. A remote attacker can exploit this error to execute arbitrary code under the context of the user.
