Apple updates Quicktime 7.2 with eight security fixes

July 12th, 2007 by Robert Vamosi Tagged with:

In addition to providing full-screen viewing and various iPhone options, the latest version of Quicktime 7.2 includes eight important security fixes. This update affects users of Mac OS X v10.3.9, Mac OS X v10.4.9, as well as users of Windows XP and Windows Vista. The Quicktime update is available from Apple's Software Download for both Mac OS X and Windows users.

QuickTime H.264 movie files
This patch affects users of Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, and XP SP2 and addresses the vulnerability in CVE-2007-2295. When viewing a maliciously crafted H.264 movie, an attack may produce an unexpected application termination or arbitrary code execution. Apple credits Tom Ferris of Security-Protocols.com, and Matt Slot of Ambrosia Software, Inc. for reporting this issue.

QuickTime
This patch affects users of Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, and XP SP2 and addresses the vulnerability in CVE-2007-2392. When viewing a maliciously crafted movie file an attack may lead to an unexpected application termination or arbitrary code execution. Apple credits to Jonathan 'Wolf' Rentzsch of Red Shed Software for reporting this issue.

QuickTime .m4v file
This patch affects users of Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, and XP SP2 and addresses the vulnerability in CVE-2007-2296. When viewing a maliciously crafted .m4v file an attack may lead to an unexpected application termination or arbitrary code execution. Apple credits Tom Ferris of Security-Protocols.com for reporting this issue.

QuickTime SMIL file
This patch affects users of Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, and XP SP2 and addresses the vulnerability in CVE-2007-2394. When viewing a maliciously crafted SMIL file an attack may lead to an unexpected application termination or arbitrary code execution. Apple credits David Vaartjes of ITsec Security Services, working with the iDefense VCP, for reporting this issue.

QuickTime for Java
This patch affects users of Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, and XP SP2 and addresses the vulnerability in CVE-2007-2397. When visiting a malicious website an attack may lead to arbitrary code execution. Apple credits Adam Gowdiak for reporting this issue.

QuickTime for Java
This patch affects users of Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, and XP SP2 and addresses the vulnerability in CVE-2007-2393. When visiting a malicious website an attack may lead to arbitrary code execution. Apple credits Adam Gowdiak for reporting this issue.

Quicktime for Java JDirect
This patch affects users of Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, and XP SP2 and addresses the vulnerability in CVE-2007-2396. When visiting a malicious website an attack may lead to arbitrary code execution. Apple credits Adam Gowdiak for reporting this issue.

QuickTime for Java
This patch affects users of Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, and XP SP2 and addresses the vulnerability in CVE-2007-2402. When visiting a malicious website an attack may lead to arbitrary code execution.

Share and Enjoy:

These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • Digg
  • NewsVine
  • Reddit
  • Slashdot
  • StumbleUpon
  • Technorati

1 Response to “Apple updates Quicktime 7.2 with eight security fixes”

DaveMark
July 13th, 2007 at 2:53pm

And how many new bugs does this update add?

Add your opinion

* indicates information we require to process your submission





Your e-mail will not be displayed
You must read and type the 6 chars within 0..9 and A..F
You must read and type the 6 chars within 0..9 and A..F