September 23rd, 2008 by Keith

QuickTime Bug Security Vector Attack Alert

Posted in Audio, Mac OS, Software Companies, Video, Web Apps, Windows

According to Dave Merten, there is a security bug existing in QuickTime that may be used as a vector to attack the system. Available on both Mac OS X and Windows, the latest version of QuickTime 7.5.5 has been reported that the ” ” tag fails to handle long strings, which can lead to a heap of overflow in QuickTime Player, iTunes or any other programs that utilise media using QuickTime plug-in.

Such programs include, but not limited to, browser, Mail or even when a user attempts to view a file with Quick Look. The outcome results in crashing the programs, but the malicious code could be added to such files, and may be executed with no user interaction.

Detail are as follow:

Exploit: OSX.Exploit.QT755-1
Discovered: September 18, 2008
Risk: Low 

No patch is yet to be released.

One Response to “QuickTime Bug Security Vector Attack Alert”

  1. Teresa McGintey Says:

    I am not able to see the Quick time player on this site. Is there an update that I can download to fix this problem? I really like Google Chrome and would like to continue using it. This problem doesn’t exist in Exployer. I appreciate your help. Thank You. Teresa

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>




  • German Spanish French Italian Japanese Korean Portuguese Chinese