|
Apple QuickTime Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA27523
|
|
|
Release Date:
|
2007-11-06
|
|
Last Update:
|
2007-11-15
|
|
Popularity:
|
15,042 views
|
|
|
Critical:
|
 Highly critical
|
|
Impact:
|
Security Bypass Exposure of sensitive information System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Apple QuickTime 7.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 2 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Solution: Update to version 7.3.
QuickTime 7.3 for Leopard:
http://www.apple.com/support/downloads/quicktime73forleopard.html
QuickTime 7.3 for Tiger:
http://www.apple.com/support/downloads/quicktime73fortiger.html
QuickTime 7.3 for Panther:
http://www.apple.com/support/downloads/quicktime73forpanther.html
QuickTime 7.3 for Windows:
http://www.apple.com/support/downloads/quicktime73forwindows.html
Provided and/or discovered by: 1) The vendor credits Dylan Ashe, Adobe Systems Incorporated.
2) The vendor credits Tobias Klein, www.trapkit.de.
3) The vendor credits Adam Gowdiak.
4) Mario Ballano of 48bits.com, reported via iDefense.
5, 6) Ruben Santamarta of reversemode.com, reported via ZDI.
7) Ruben Santamarta and Mario Ballano, reported via ZDI.
8) Cody Pierce, TippingPoint DVLabs
Changelog: 2007-11-09: Added link to US-CERT.
2007-11-13: Added link to 48bits.com. Updated "Description".
2007-11-14: Added link to US-CERT.
2007-11-15: Added links to US-CERT. Added vulnerability #8 and link to TippingPoint DVLabs.
Original Advisory: Apple:
http://docs.info.apple.com/article.html?artnum=306896
iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=620
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-07-065.html
http://www.zerodayinitiative.com/advisories/ZDI-07-066.html
http://www.zerodayinitiative.com/advisories/ZDI-07-067.html
http://www.zerodayinitiative.com/advisories/ZDI-07-068.html
48bits.com:
http://www.48bits.com/advisories/qt_pdat_heapbof.pdf
TippingPoint DVLabs:
http://dvlabs.tippingpoint.com/advisory/TPTI-07-20
Other References: US-CERT VU#319771:
http://www.kb.cert.org/vuls/id/319771
US-CERT VU#445083:
http://www.kb.cert.org/vuls/id/445083
US-CERT VU#690515:
http://www.kb.cert.org/vuls/id/690515
US-CERT VU#797875:
http://www.kb.cert.org/vuls/id/797875
Change Page: [ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|