Daily cyber threats and internet security news: network security, online safety and latest security alerts
April 3rd, 2008

Apple QuickTime Multiple Remote Vulnerabilities

Apple QuickTime is prone to multiple remote vulnerabilities. These issues may allow remote attackers to disclose sensitive information, execute arbitrary code, and carry out denial-of-service attacks.

These issues arise when the application handles specially crafted Java applets, image files and movie files. Successful exploits may allow attackers to gain access to sensitive information, obtain remote unauthorized access in the context of a vulnerable user, and trigger a denial-of-service condition.

Versions of QuickTime prior to 7.4.5 are affected by these vulnerabilities. Vulnerable:

Apple QuickTime Player 7.4.1
Apple QuickTime Player 7.3.1 .70
Apple QuickTime Player 7.3.1
Apple QuickTime Player 7.1.6
Apple QuickTime Player 7.1.5
Apple QuickTime Player 7.1.4
Apple QuickTime Player 7.1.3
Apple QuickTime Player 7.1.2
Apple QuickTime Player 7.1.1
Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.4
Apple QuickTime Player 7.4
Apple QuickTime Player 7.3
Apple QuickTime Player 7.2
Apple QuickTime Player 7.1

Not Vulnerable:

Apple QuickTime Player 7.4.5 on: Apple Mac OS X 10.4.9, Apple Mac OS X 10.3.9, Apple Mac OS X 10.5, Apple Mac OS X Server 10.4.9, Apple Mac OS X Server 10.3.9, Apple Mac OS X Server 10.5

Apple released an advisory and fixes to address these issues and 11 patches fixing a variety of problems that could allow a hacker to execute malicious code on a machine. The up-to-date version of QuickTime is now 7.4.5. Apple’s Software Update function will download the new patches for computers running Windows and Apple’s Mac OS X.

Share this item with others:

More on CyberInsecure:
  • QuickTime Crashing Zero-day Attack Code Published, Malicious Code Execution Possible
  • Apple Patches Multiple Vulnerabilities In Safari 3.1.1
  • Apple Patches Serious Security Flaws In QuickTime 7.5.5
  • Apple Patches Security Vulnerabilities In QuickTime 7.6.2
  • Critical Flaws Patched By Apple in QuickTime 7.5 Update

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Apple QuickTime Multiple Remote Vulnerabilities

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.