In association with heise online

30 May 2007, 10:40

Apple patches QuickTime

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The vendor fixes two security vulnerabilities in Apple's QuickTime, which attackers can exploit to trigger malicious code on the computer with the use of crafted websites. The vulnerabilities affect QuickTime 7.1.6 for both Mac OS X as well as for Windows.

Once again the faults affect QuickTime for Java. This is similar to the vulnerability in QuickTime version 7.1.6, which was discovered during the Hack-a-Mac competition and which has been fixed. It potentially allows attackers to access out-of-bounds objects, to manipulate them or to even create their own objects. A second vulnerability can allow Java applets to read the browser's memory in order to gain possession of confidential data.

Apple is distributing the patch over the automatic software update. The vendor has also made the patch available for downloading.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit