Vulnerability Note VU#913449

Apple QuickTime fails to properly handle corrupt GIF images

Original Release date: 11 Jan 2006 | Last revised: 31 Jan 2006


Apple's QuickTime is a player for files and streaming media in a variety of different formats. A flaw in QuickTime's handling of files in the Graphics Interchange Format (GIF) could allow a remote attacker to execute arbitrary code on a vulnerable system.


A heap overflow exists in the way QuickTime handles the Netscape Navigator Application Extension Block of a GIF image. A specially crafted GIF image can allow attackers to execute arbitrary code of their choosing with the privileges of the user running QuickTime.

Note that this issue affects QuickTime installations on both Apple Mac OS X and Microsoft Windows operating systems.


An attacker with the ability to supply a maliciously crafted GIF file (.gif) could execute arbitrary code on a vulnerable system. The attacker-supplied code would be executed with the privileges of the QuickTime user opening the malicious file. The crafted GIF image may be supplied on a webpage or in email, or by some other means designed to encourage the victim to invoke QuickTime on the exploit image.


Install an update

Apple has addressed this issue with Quicktime 7.0.4, as specified in Apple Support Document 303101.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Apple Computer, Inc.Affected-11 Jan 2006
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



Apple credits Karl Lynn of eEye Digital Security for reporting this issue. However, the eEye advisory on this issue credits Fang Xing.

This document was written by Chad R Dougherty based on information supplied by Apple and eEye Digital Security.

Other Information

  • CVE IDs: CVE-2005-3713
  • Date Public: 10 Jan 2006
  • Date First Published: 11 Jan 2006
  • Date Last Updated: 31 Jan 2006
  • Severity Metric: 3.85
  • Document Revision: 22


If you have feedback, comments, or additional information about this vulnerability, please send us email.