Hmmm, actually it did get posted. At least I received it as usual via imagicomm - Interesting. ______________________ Roger ----- Original Message ----- From: "Support-OrpheusComputing.com" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Friday, November 04, 2005 8:28 AM Subject: PCWorks: Apple QuickTime Multiple Vulnerabilities
> (Here we go again with a message not getting posted. 2nd try). > > > TITLE: > Apple QuickTime Multiple Vulnerabilities > > SECUNIA ADVISORY ID: > SA17428 > > VERIFY ADVISORY: > http://secunia.com/advisories/17428/ > > CRITICAL: > Highly critical > > IMPACT: > DoS, System access > > WHERE: > >From remote > > SOFTWARE: > Apple QuickTime 7.x > http://secunia.com/product/5090/ > Apple Quicktime 6.x > http://secunia.com/product/810/ > > DESCRIPTION: > Vulnerabilities in Apple QuickTime, which can be exploited by > malicious people to cause a DoS (Denial of Service) and > potentially to compromise a user's system. > > 1) An integer overflow error exists in the handling of a > "Pascal" style string when loading a ".mov" video file. This > can result in memory overwrite due to a large memory copy, > potentially allowing arbitrary code execution via a specially > crafted video file. > > 2) An integer overflow error exists in the handling of certain > movie attributes when loading a ".mov" video file. This can > result in memory overwrite due to a large memory copy, > potentially allowing arbitrary code execution via a specially > crafted video file. > > 3) A NULL pointer dereferencing error exists when handling > certain missing movie attributes from a video file. This may be > exploited to crash an application that uses QuickTime when a > specially crafted video file is loaded. > > 4) A boundary error exists in the QuickTime PictureViewer when > decompressing PICT data. This may be exploited to cause a > memory overwrite, potentially allowing arbitrary code execution > via a specially crafted PICT picture file. > > The vulnerabilities have been reported in the following > versions: > * QuickTime version 6.5.2 and 7.0.1 for Mac OS X. > * QuickTime versions 7.x prior to 7.0.3 for Windows. > > Prior versions may also be affected. > > SOLUTION: > Update to version 7.0.3. > http://www.apple.com/support/downloads/quicktime703.html > > ORIGINAL ADVISORY: > Apple: > http://docs.info.apple.com/article.html?artnum=302772 ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
