6 February 2008 @ 15:51QuickTime 7.4.1 now available
QuickTime 7.4.1 is now available vie Software Update.
QuickTime 7.4.1 addresses security issues and improves compatibility with third-party applications.
From the security info page on Apple’s site:
CVE-ID: CVE-2008-0234
Available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista, XP SP2
Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in QuickTime’s handling of HTTP responses when RTSP tunneling is enabled. By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
by Jon | Add a comment | Posted in apple, software | Link to this