Article

Apple fixes critical QuickTime flaws

SearchSecurity.com Staff

Apple released an update for its QuickTime player, repairing multiple vulnerabilities that could be exploited to gain access to critical files.

    Requires Free Membership to View

SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

The flaws affect all versions of the media player, Apple said. The software maker released version 7.6 of the QuickTime player to repair the flaws.

Apple repaired a boundary error that exists when the player attempts to process real time streaming protocols (RTSP). The error could be exploited by an attacker to cause a buffer overflow condition.

A number of other errors plague the QuickTime player. It contains processing errors that could result in a buffer overflow if it attempts to process malicious H 263 encoded files, AVI files, and MPEG-2 and QuickTime Virtual Reality movie files.

Danish vulnerability clearinghouse Secunia gave the flaws a highly critical rating in its alert to customers. In its advisory, Secunia said attackers can pass the malicious files to a victim remotely in an attempt to exploit the flaws.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: