Apple sounds alarm over QuickTime flaws

Written on November 5, 2005 – 9:57 am | by GoogleBot |

Apple Computer late Thursday issued an alert about flaws in its QuickTime media player that could allow a malicious attacker to launch a denial-of-service attack or remote code execution.

QuickTime versions 6.5.2 and 7.0.1 for the Mac OS X operating system are affected by the vulnerabilities, as well as some versions for Microsoft Windows, according to a Friday report by security company Secunia, which rated the vulnerabilities “highly critical.”

Apple has issued an update, QuickTime 7.0.3, to fix the four flaws. The patch was posted to Apple’s Web site on Oct. 12.

One vulnerability can result in a denial-of-service, or DOS, attack against any application loading remotely originated content. The flaw involves a missing movie attribute, which is interpreted as an extension. The absence of the actual extension, however, is not detected, resulting in a “dereference of a null pointer,” Apple warned.

Full story: CNET News.com

Related Posts

Post a Comment

Comment spam protected by SpamBam

About this site

Welcome to Techbeta. Techbeta is a site focussed on tech news, and freeware/open source software for Windows, Mac OS X, Pocket PC and Linux. More

Want to subscribe?

 Subscribe in a reader Or, subscribe via email:
Enter your email address:  
Find entries :