AplusWebMaster
2008-06-10, 14:55
FYI...
QuickTime 7.5
- http://isc.sans.org/diary.html?storyid=4547
Last Updated: 2008-06-10 11:27:16 UTC - "...Apple's security improvements* include fixes for:
- CVE-2008-1581: PICT images can lead to an heap overflow and code execution
- CVE-2008-1582: AAC coded media can lead to code execution
- CVE-2008-1583: PICT images can lead to an heap overflow and code execution
- CVE-2008-1584: Indeo video codec can lead to a stack buffer overflow and code execution - note the fix: "This update addresses the issue by not rendering Indeo video codec content."
- CVE-2008-1585: URL handling of URLs in QuickTime files could lead to attacker controlled application launch and code execution - note the fix: "This update addresses the issue by revealing files in Finder or Windows Explorer rather than launching them."
* http://support.apple.com/kb/HT1991
Download:
- http://www.apple.com/quicktime/download/
:fear:
QuickTime 7.5
- http://isc.sans.org/diary.html?storyid=4547
Last Updated: 2008-06-10 11:27:16 UTC - "...Apple's security improvements* include fixes for:
- CVE-2008-1581: PICT images can lead to an heap overflow and code execution
- CVE-2008-1582: AAC coded media can lead to code execution
- CVE-2008-1583: PICT images can lead to an heap overflow and code execution
- CVE-2008-1584: Indeo video codec can lead to a stack buffer overflow and code execution - note the fix: "This update addresses the issue by not rendering Indeo video codec content."
- CVE-2008-1585: URL handling of URLs in QuickTime files could lead to attacker controlled application launch and code execution - note the fix: "This update addresses the issue by revealing files in Finder or Windows Explorer rather than launching them."
* http://support.apple.com/kb/HT1991
Download:
- http://www.apple.com/quicktime/download/
:fear: