DV Hardware bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
December 10, 2016 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 83 people online.

 

Latest Reviews
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
ROCCAT Isku FX gaming keyboard
Prolimatech Magnetic Pin
 

Follow us
RSS
 

Apple QuickTime 7.5 released

Posted on Wednesday, June 11 2008 @ 00:30:09 CEST by


Apple has rolled out QuickTime 7.5, this update improves application compatibility and addresses security issues.
An issue in QuickTime's handling of PixData structures when processing a PICT image may result in a heap buffer overflow. Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems running Mac OS X. Credit to Dyon Balding of Secunia Research for reporting this issue.

A memory corruption issue exists in QuickTime's handling of AAC-encoded media content. Opening a maliciously crafted media file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of media files. Credit to Dave Soldera of NGS Software, and Jens Alfke for reporting this issue.

A heap buffer overflow exists in QuickTime's handling of PICT images. Opening a maliciously crafted PICT image file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Liam O Murchu of Symantec for reporting this issue.

An issue in QuickTime's handling of Indeo video codec content may result in a stack buffer overflow. Viewing a maliciously crafted movie file with Indeo video codec content may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by not rendering Indeo video codec content. Credit to an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting this issue.

A URL handling issue exists in QuickTime's handling of file: URLs. This may allow arbitrary applications and files to be launched when a user plays maliciously crafted QuickTime content in QuickTime Player. This update addresses the issue by revealing files in Finder or Windows Explorer rather than launching them. Credit to Vinoo Thomas and Rahul Mohandas of McAfee Avert Labs, and Petko D. (pdp) Petkov of GNUCITIZEN working with TippingPoint's Zero Day Initiative for reporting this issue.
You can download the latest version over here. Or if you're looking for another video player I highly suggest VLC.


 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2016 DM Media Group bvba