Apple QuickTime Multiple Remote Vulnerabilities
Apple QuickTime is prone to multiple remote vulnerabilities. These issues may allow remote attackers to disclose sensitive information, execute arbitrary code, and carry out denial-of-service attacks.
These issues arise when the application handles specially crafted Java applets, image files and movie files. Successful exploits may allow attackers to gain access to sensitive information, obtain remote unauthorized access in the context of a vulnerable user, and trigger a denial-of-service condition.
Versions of QuickTime prior to 7.4.5 are affected by these vulnerabilities. Vulnerable:
Apple QuickTime Player 7.4.1
Apple QuickTime Player 7.3.1 .70
Apple QuickTime Player 7.3.1
Apple QuickTime Player 7.1.6
Apple QuickTime Player 7.1.5
Apple QuickTime Player 7.1.4
Apple QuickTime Player 7.1.3
Apple QuickTime Player 7.1.2
Apple QuickTime Player 7.1.1
Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.4
Apple QuickTime Player 7.4
Apple QuickTime Player 7.3
Apple QuickTime Player 7.2
Apple QuickTime Player 7.1
Not Vulnerable:
Apple QuickTime Player 7.4.5 on: Apple Mac OS X 10.4.9, Apple Mac OS X 10.3.9, Apple Mac OS X 10.5, Apple Mac OS X Server 10.4.9, Apple Mac OS X Server 10.3.9, Apple Mac OS X Server 10.5
Apple released an advisory and fixes to address these issues and 11 patches fixing a variety of problems that could allow a hacker to execute malicious code on a machine. The up-to-date version of QuickTime is now 7.4.5. Apple’s Software Update function will download the new patches for computers running Windows and Apple’s Mac OS X.
More on CyberInsecure:
Posts
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.