Apple released an update for its QuickTime player, repairing multiple vulnerabilities that could be exploited to...
gain access to critical files.
The flaws affect all versions of the media player, Apple said. The software maker released version 7.6 of the QuickTime player to repair the flaws.
Apple repaired a boundary error that exists when the player attempts to process real time streaming protocols (RTSP). The error could be exploited by an attacker to cause a buffer overflow condition.
A number of other errors plague the QuickTime player. It contains processing errors that could result in a buffer overflow if it attempts to process malicious H 263 encoded files, AVI files, and MPEG-2 and QuickTime Virtual Reality movie files.
Danish vulnerability clearinghouse Secunia gave the flaws a highly critical rating in its alert to customers. In its advisory, Secunia said attackers can pass the malicious files to a victim remotely in an attempt to exploit the flaws.