Apple has issued an update for the Mac and Windows versions of QuickTime.
The update addresses 11 vulnerabilities in the multimedia player software, nine of which could be exploited by an attacker to remotely execute code on a target system.
Apple has fixed 11 vulnerabilities in QuickTime
Apple fixes critical QuickTime flaws
XP, Vista and Mac OS X versions affected
vnunet.com, 03 Apr 2008
Advertisement
All the flaws affect Windows XP and Vista systems. Eight of the vulnerabilities also affect the Mac OS X version of QuickTime.
Five remote code execution flaws could be exploited by way of specially-crafted movie files.
Such files could also be used to execute another flaw which allows for the launching of external URLs, which Apple said could allow for information disclosure.
Three of the flaws could be exploited by way of Pict files and used by an attacker for remote code execution.
The remaining two flaws include a remote code execution flaw in the handling of QuickTime VR files and a flaw which could allow Java applets to obtain elevated privileges.
The QuickTime update can be obtained via Apple's Software Update utility or at the Apple Downloads site.
Further reading
Related articles
Related whitepapers
Related jobs
Most read stories
IT white papers
Top categories
- Information Technology Infrastructure Library (ITIL)
- Service Oriented Architecture (SOA)
- Enterprise Systems Management
- Network Security
- Storage Management
Hiring now on ComputingCareers:
Advertisement
Advertisement
Watch
20 Nov 2008
9.43 MBComputing podcast: Europol's data sharing woes; credit card protection at Cotton Traders More...
Spotlight
Video: vnunet.com weekly debrief
Phil Muncaster and BusinessGreen.com editor James Murray discuss the week's... More...
vnunet.com analysis: CIOs outline IT spending priorities
IT chiefs advise looking for high-value projects rather than suspending... More...
Secondary navigation
Do you agree?
Have your say on this article