Credit to an anonymous researcher working with TippingPointis Zero Day Initiative for reporting this issue.
QUICKTIME 7.5.5 DMG UPDATE
This update addresses the issue through improved bounds checking of panorama atoms. Viewing a maliciously crafted QTVR file may lead to an unexpected application termination or arbitrary code execution.
QUICKTIME 7.5.5 DMG MOVIE
Impact: Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow exists in QuickTimeis handling of panorama atoms in QTVR (QuickTime Virtual Reality) movie files. Credit to Roee Hay of IBM Rational Application Security Research Group for reporting this issue. Impact: Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow exists in QuickTimeis handling of panorama atoms in QTVR (QuickTime Virtual Reality) movie files.
QUICKTIME 7.5.5 DMG MAC OS X
Mac OS X v10.5 or later, Windows Vista, XP SP2 and SP3 Credit to an anonymous researcher working with TippingPointis Zero Day Initiative for reporting this issue.Īvailable for: Mac OS X v10.4.9 - v10.4.11, This issue does not affect systems running Mac OS X. This update addresses the issue by not rendering content encoded with any version of the Indeo codec. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow exists in the third-party Indeo v3.2 codec for QuickTime. Credit to Paul Byrne of NGSSoftware for reporting this issue. Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue exists in the third-party Indeo v5 codec for QuickTime, which does not ship with QuickTime. The fixes were for both Mac OS X and Windows systems and were described as follows: QuickTimeĪvailable for: Windows Vista, XP SP2 and SP3 On Tuesday, Apple posted the complete list of security issues addressed with QuickTime 7.5.5 to its list server.
0 kommentar(er)
