Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!




netsfr netsfr writes  |  about 8 years ago

netsfr (839855) writes "Some slashdotters and others thought that Apple may not respond to the Month Of Apple Bugs, but Apple has posted a bug fix for the Quicktime bug posted earler on the MOAB website. Quote from Apple's website: http://docs.info.apple.com/article.html?artnum=304 989

Security Update 2007-001



            CVE-ID: CVE-2007-0015

Available for: QuickTime 7.1.3 on Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.8, Mac OS X Server v10.4.8, Windows XP/2000

Impact: Visiting malicious websites may lead to arbitrary code execution

Description: A buffer overflow exists in QuickTime's handling of RTSP URLs. By enticing a user to access a maliciously-crafted RTSP URL, an attacker can trigger the buffer overflow, which may lead to arbitrary code execution. A QTL file that triggers this issue has been published on the Month of Apple Bugs web site (MOAB-01-01-2007). This update addresses the issue by performing additional validation of RTSP URLs."


netsfr has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?