John's web design and music blog
QuickTime 7.5.5 released fixing multiple vulnerabilities
Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: An uninitialized memory access issue exists
in the third-party Indeo v5 codec for QuickTime, which does not ship
with QuickTime. Viewing a maliciously crafted movie file may lead to
an unexpected application termination or arbitrary code execution.
This update addresses the issue by not rendering content encoded
with any version of the Indeo codec. This issue does not affect
systems running Mac OS X. Credit to Paul Byrne of NGSSoftware for
reporting this issue.[Read More]
Tags:
quicktime
security
internet
auscer
Posted at 01:37PM Sep 10, 2008
by John Chen |


About Me