Text only | Text with Images

IDNetters Forums

Technical News & Discussion => Windows News & Discussion => Topic started by: Gary on Jan 11, 2008, 22:40:27

Title: Quicktime vulnerability (again)
Post by: Gary on Jan 11, 2008, 22:40:27
"A vulnerability in Apple QuickTime, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error when handling RTSP replies and can be exploited to cause a buffer overflow via e.g. sending a specially crafted reply containing an overly-long "Reason-Phrase".

Successful exploitation may allow execution of arbitrary code, but requires that the user is e.g. tricked into opening a malicious QTL file or visiting a malicious web site.

The vulnerability is reported in version 7.3.1.70. Other versions may also be affected" quoted from Secunia
Title: Re: Quciktime vulnerability (again)
Post by: Lance on Jan 11, 2008, 22:57:11
I only updated my XP machine last weekend to the newest version. Argh!

Thanks for the heads up Gary. :)
Title: Re: Quciktime vulnerability (again)
Post by: Gary on Jan 11, 2008, 23:22:47
Sorry about the spelling :D but its a real pain just as you patch, a new hole appears :(
Title: Re: Quicktime vulnerability (again)
Post by: Lance on Jan 11, 2008, 23:28:28
Quote from: Killhippie on Jan 11, 2008, 23:22:47
Sorry about the spelling :D

Took me a minute to realise where you meant, but as if by magic...
Title: Re: Quicktime vulnerability (again)
Post by: Gary on Jan 11, 2008, 23:34:28
Quote from: Lance on Jan 11, 2008, 23:28:28
Took me a minute to realise where you meant, but as if by magic...
Cheers Lance ;D
Text only | Text with Images