CVE-2014-1250 Information

Description

Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.

Reference

http://support.apple.com/kb/HT6150 http://support.apple.com/kb/HT6151