ITPRO

Printed from www.itpro.co.uk

Register to receive our regular email newsletter at http://www.itpro.co.uk/registration.

The newsletter contains links to our latest IT news, product reviews, features and how-to guides, plus special offers and competitions.

Skip to navigation

    Apple patches QuickTime buffer overflow

Fix for buffer overflow that allows hackers to run arbitrary code execution in QuickTime's handling of RTSP URLs.

By Simon Aughton, 24 Jan 2007 at 10:45

Apple has released a security update that addresses a vulnerability in QuickTime where visiting malicious websites may lead to arbitrary code execution.

The flaw is caused by a buffer overflow in QuickTime's handling of RTSP URLs. By enticing a user to access a maliciously-crafted RTSP URL, an attacker can trigger the buffer overflow, which may lead to the execution of code.

The vulnerability was discovered by the Month of Apple Bugs project, which has published a QTL file that triggers the flaw. The update addresses the issue by performing additional validation of RTSP URLs.

Security Update 2007-001 is available for Mac OS X 10.3.9 Panther and Mac OS X 104.8 systems from apple.com/support/downloads. For more information see info.apple.com/kbnum/n304989.

Email to a friend

Print this page

Social Bookmark this article: What is this?

Add to: DiggDigg
Add to: Del.icio.usDelicious
Add to: RedditReddit
Add to: StumbleUponStumbleUpon
Add to: SlashdotSlashdot
Add to: GoogleGoogle
Add to: FacebbokFacebook

Be the first to comment on this article

You need to Login or Register to comment.

advertisement

    Latest Internet Features

The continued curse of cybersquatting

For some, it’s a problem confined to the early days of the Internet. But current figures suggest that the cybersquatting problem is, if anything, growing.

Read more

 

More Internet Features

    Latest Internet Reviews

Fujitsu Siemens FibreCAT SX80 iSCSI

Rating: 5

It may be a late entry to the IP SAN party but the FibreCAT SX80 iSCSI aims to beat the rest on value, features and ease of use.

Read more

 

More Internet Reviews

advertisement

    Latest News Videos in Internet

Easynet

Video: Q&A with Easynet Connect's Chris Stening

Play Video: Q&A with Easynet Connect's Chris Stening   Play

IT PRO spoke to Chris Stening, managing director of Easynet’s SME division, about whether ISPs are giving businesses the service they deserve.

 

    Blogs

A Busman's Holiday to Invisible Hard Disk Land

Read more

 

    White papers

Want more background on today's hottest IT trends?

Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.

    Register for IT PRO

You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.

Register
Advertisement