In association with heise online

« previous | next »
13 September 2006, 15:01

QuickTime 7.1.3 closes several security holes

Version 7.1.3 of the popular media player QuickTime closes several security holes. Prepared files in the formats H.264, QuickTime, FLC, FlashPix and SGI run on prior versions could be used to sneak in malicious code that then runs with the user's rights.

As usual, Apple did not provide more details about the holes, but only described their effects. All affected formats can trigger buffer overruns used by attackers to smuggle malware onto the system. Manipulated FlashPix files can also trigger an exception through which a non-initialised object is not cleaned up – a hole appropriate for planting code.

The error affects QuickTime versions prior to 7.1.3 on Mac OS X 10.3.9 and later as well as Windows 2000 and XP. QuickTime users should install the new version of the software as soon as possible.

Please see also:

(ehe)

« previous | next »
Print Version | Send by email | Permalink: http://h-online.com/-731496

Also on The H:

  • Share this article
  • Twitter
  • Facebook
  • digg this
  • submit to slashdot
  • post to delicious
  • StumbleUpon
  • submit to reddit
The H Open Headlines

Price Insight Top 10 powered by Skinflint

  1. Samsung SSD 830 Series 128GB
  2. Samsung SSD 830 Series 256GB
  3. Samsung SSD 830 Series Desktop Upgrade Kit 256GB
  4. Intel Core i5-3570K
  5. Samsung Galaxy S3 i9300 16GB blau
  6. Gigabyte GeForce GTX 670 OC
  7. Crucial m4 SSD 128GB
  8. Diablo 3 (deutsch)
  9. Palit GeForce GTX 670
  10. Samsung Galaxy Nexus i9250 16GB silber

The H

The H open source

The H Security

The H Internet Toolkit