Apple has released a Quicktime update for Leopard, Tiger, Panther, and Windows. The update fixes a dangerous security flaw in the program.
QuickTime 7.3.1
QuickTime ● CVE-ID: CVE-2007-6166 ● Available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista, XP SP2 ● Impact: Viewing a maliciously crafted RTSP movie may lead to an unexpected application termination or arbitrary code execution ● Description: A buffer overflow exists in QuickTime's handling of Real Time Streaming Protocol (RTSP) headers. By enticing a user to view a maliciously crafted RTSP movie, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue by ensuring that the destination buffer is sized to contain the data.
QuickTime ● CVE-ID: CVE-2007-4706 ● Available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista, XP SP2 ● Impact: Viewing a maliciously crafted QTL file may lead to an unexpected application termination or arbitrary code execution ● Description: A heap buffer overflow exists in QuickTime's handling of QTL files. By enticing a user to view a maliciously crafted QTL file, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
QuickTime ● CVE-ID: CVE-2007-4707 ● Available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista, XP SP2 ● Impact: Multiple vulnerabilities in QuickTime's Flash media handler ● Description: Multiple vulnerabilities exist in QuickTime's Flash media handler, the most serious of which may lead to arbitrary code execution. With this update, the Flash media handler in QuickTime is disabled except for a limited number of existing QuickTime movies that are known to be safe. Credit to Tom Ferris of Adobe Secure Software Engineering Team (ASSET), Mike Price of McAfee Avert Labs, and security researchers Lionel d'Hauenens & Brian Mariani of Syseclabs for reporting this issue.
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
![Apple Releases New Build of iOS 18 Beta 4 and iPadOS 18 Beta 4 [Download]](/images/news/94387/94387/94387-160.jpg "Apple Releases New Build of iOS 18 Beta 4 and iPadOS 18 Beta 4 [Download]")
![Apple Falls to Sixth Place in Chinese Smartphone Market [Report]](/images/news/94383/94383/94383-160.jpg "Apple Falls to Sixth Place in Chinese Smartphone Market [Report]")
![Apple Commits to President Biden's AI Safety and Security Standards [Report]](/images/news/94382/94382/94382-160.jpg "Apple Commits to President Biden's AI Safety and Security Standards [Report]")
![New 13-inch M2 iPad Air On Sale for $99.01 Off [Lowest Price Ever]](/images/news/94385/94385/94385-160.jpg "New 13-inch M2 iPad Air On Sale for $99.01 Off [Lowest Price Ever]")
![Apple 13-inch M3 MacBook Air (16GB RAM, 512GB SSD) On Sale for $200 Off! [Deal]](/images/news/94379/94379/94379-160.jpg "Apple 13-inch M3 MacBook Air (16GB RAM, 512GB SSD) On Sale for $200 Off! [Deal]")
![Single Apple AirTag On Sale for $23.99 [Deal]](/images/news/94372/94372/94372-160.jpg "Single Apple AirTag On Sale for $23.99 [Deal]")
![Samsung 49-inch Odyssey G93SC OLED Curved Monitor On Sale for $500 Off [Deal]](/images/news/94366/94366/94366-160.jpg "Samsung 49-inch Odyssey G93SC OLED Curved Monitor On Sale for $500 Off [Deal]")
![New 24-inch iMac With M3 On Sale for $150 Off! [Lowest Price Ever]](/images/news/94344/94344/94344-160.jpg "New 24-inch iMac With M3 On Sale for $150 Off! [Lowest Price Ever]")
