iTWire - Apple's QuickTime under fire - again

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

TAG

Apple's QuickTime under fire - again

E-mail

by Stephen Withers
Friday, 19 September 2008
Page 1 of 2 Just after Apple updated its QuickTime media software to version 7.5.5, a fresh vulnerability has been revealed along with a proof-of-concept exploit. Featured Whitepaper 5 Best Practices for Smartphone Support QuickTime is Apple's software component for media playback. It was ported to Windows many years ago to allow developers to use it to create cross-platform multimedia products and web sites. Apple last week released QuickTime 7.5.5 featuring "changes that increase reliability, improve application compatibility and enhance security." The security flaws it corrected related to various memory access or corruption issues, or heap buffer, stack buffer or integer overflow issues. The QuickTime update accompanied iTunes 8. The new flaw was revealed by a milw0rm.com user going by the name 'securfrog'. According to securfrog, "The "<? quicktime type= ?>" tag fail to handle long strings, which can lead to a heap overflow in Quicktime/Itunes media player [sic]." This heap overflow results in a crash, but securfrog suggests "Code execution may be possible." The trick would be to craft an exploit so that the overflow results in the execution of code previously delivered by the attacker. The problem with QuickTime vulnerabilities is that the software is used so pervasively by Mac OS X. With a few exceptions, programs that need to play audio or video content do so via QuickTime. Examples include iMovie, iTunes and (naturally) QuickTime Player. And when a user visits a web page containing graphics, movies or audio, the browser most likely calls on QuickTime to handle display or playback. What other software uses QuickTime? Please read on. << First page < 1 2 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking