Apple has updated QuickTime to 7.4.1, once again addressing security issues and compatibility. Here's the details.
QuickTime 7.4.1
QuickTime
CVE-ID: CVE-2008-0234
Available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista, XP SP2
Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in QuickTime's handling of HTTP responses when RTSP tunneling is enabled. By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
QuickTime
CVE-ID: CVE-2008-0234
Available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista, XP SP2
Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in QuickTime's handling of HTTP responses when RTSP tunneling is enabled. By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
The update is recommeneded for all users and is available via Software Update and download via Apple's website. For detailed information on the security content of this update, please visit this website: http://docs.info.apple.com/article.html?artnum=307407
Labels: QuickTime, Software Update
0 Comments:
Post a Comment
Links to this post:
Create a Link
<< Home