Apple patches flaw in QuickTime software

James Delahunty
24 Jan 2007 18:31

Apple Computer Inc. has patched a flaw in Quicktime that could be exploited by an attacker to run arbitrary code on a machine. The bug was discovered by a group of researchers who were investigating the Macintosh operating system and some third party software titles for it as part of the "Month of Apple Bugs" program. A total of 31 discovered vulnerabilities will be announced as a result.
This specific bug in QuickTime could be exploited using a specially crafted web page to cause a buffer overflow vulnerability in order to execute the arbitrary code. So far this is only issue patched by Apple itself. The fix prevents the Quicktime software from launching a malicious RTSP URL by performing additional validation.

Source:
Betanews

More from us
We use cookies to improve our service.