Return to VNFAWING.com Website Return to Main Forum Index PageReturn to VNFAWING.com Website
:: Forum Index :: Zephyrnet Forums :: FAQ :: Search :: Memberlist :: Groups :: Register :: Profile :: Log in to check your private messages :: Log in ::
Apple updates QuickTime to plug serious flaw

 
Post new topic   Reply to topic    VNFAWING.com Forum Index -> Internet, Hardware, Networking, & Security Forum
View previous topic :: View next topic  
Author Message
CAG Hotshot

Admin, Site Owner, Developer, Webmaster
 

Rank: Admin, Site Owner, Developer, Webmaster

Joined: 12 Aug 2004

Posts: 16082

Post subject: Apple updates QuickTime to plug serious flaw Reply with quote
Quote:
Apple updates QuickTime to plug serious flaw

By Staff
14 Dec 2007

Apple Inc. today released a new version of QuickTime to address a serious zero-day flaw in the media player that could have been exploited to cause a buffer-overflow and hijack vulnerable computers.

The Apple update of QuickTime 7.3.1 addresses a boundary error that surfaces when affected machines try to process RTSP replies.

"This update addresses the issue by ensuring that the destination buffer is sized to contain the data," Apple said in its advisory to customers.

The update is available for Quicktime running on Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, and Windows Vista, XP SP2.

A proof-of-concept code was available that could be used to trigger remote code execution for QuickTime on Microsoft Windows Vista and XP, as well as versions of Mac OS X.

"Successful exploitation allows execution of arbitrary code and requires that the user is tricked into opening a malicious QTL file or visiting a malicious Web site," Danish vulnerability clearinghouse Secunia said in its advisory.

_________________
CAG Hotshot
"FAF Shape Meister"
Forum Administrator
FAF/FA-2 Design team
TSH Member/Developer

-------- __@
----- _`\<,_
---- (*)/ (*)
~~~~~~~~~~~~~~~~



PostTue Dec 18 1:21:08 2007
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    VNFAWING.com Forum Index -> Internet, Hardware, Networking, & Security Forum All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics
You cannot reply to topics
You cannot edit your posts
You cannot delete your posts
You cannot vote in polls




VNFAWING Flight Sim Development Center,Inc. - VNFAWING.comô

Powered by phpBB © 2001 - phpBB Group