Users of Apple QuickTime 7.6.6 and 7.6.8 please be advised of an Array-Indexing vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
Quicktime-SA-11/11/2010: QuickTime Sorenson Video 3 Array-Indexing Vulnerability
Affected Software
* Apple QuickTime 7.6.6 and 7.6.8
NOTE: Other versions may also be affected.
Description of Vulnerability
Secunia Research has discovered a vulnerability in QuickTime, which
can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by an array-indexing error when parsing
Sorenson Video 3 content and can be exploited to corrupt memory during
decompression via a specially crafted file.
Successful exploitation may allow execution of arbitrary code.
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/awaVrS
No comments:
Post a Comment