Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21223
HistoryJan 23, 2009 - 12:00 a.m.

US-CERT Technical Cyber Security Alert TA09-022A -- Apple QuickTime Updates for Multiple Vulnerabilities

2009-01-2300:00:00
vulners.com
12
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                National Cyber Alert System

          Technical Cyber Security Alert TA09-022A

Apple QuickTime Updates for Multiple Vulnerabilities

Original release date: January 22, 2009
Last revised: –
Source: US-CERT

Systems Affected

 * Apple QuickTime 7.5 for Windows and Mac OS X

Overview

Apple has released QuickTime 7.6 to correct multiple
vulnerabilities affecting QuickTime for Mac OS X and Windows.
Attackers may be able to exploit these vulnerabilities to execute
arbitrary code or cause a denial of service.

I. Description

Apple QuickTime 7.6 addresses a number of vulnerabilities affecting
QuickTime. An attacker could exploit these vulnerabilities by
convincing a user to access a specially crafted media or movie
file. This file could be hosted on a web page or sent via email.

II. Impact

The impacts of these vulnerabilities vary. Potential consequences
include arbitrary code execution and denial of service.

III. Solution

Upgrade to QuickTime 7.6. This and other updates are available via
Software Update or via Apple Downloads.

IV. References

The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA09-022A.html>

Feedback can be directed to US-CERT Technical Staff. Please send
email to <[email protected]> with "TA09-022A Feedback VU#703068" in
the subject.

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html&gt;.

Produced 2009 by US-CERT, a government organization.

Terms of use:

 &lt;http://www.us-cert.gov/legal.html&gt;

Revision History

January 22, 2009: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSXj25HIHljM+H4irAQKNIgf+LSBKBzHWdjxmJgYw3vYmAXtwpUxAVThs
Ma4vIB1vSjv8Us83S2XrKIGcKrdPgQgeS7Vji9WRMmlzEv/AYlFJseqq17ufGely
5YosATUh+C0SjY6OAYeJNYMws7fgGcGJagtfQp0gJTRLruknEoB/iqlASBQ7MtNg
7viHKIR8r2BxCNB1A4ir1kzPELIHFF/pmmuaD+E2PnxH1XtYLM9b9t6xbkjie2PG
vEwv7JCGH/RrJtst480ZMIHOghsZ0ONoMkTjZB7o5S0ww3guktGOMB+/QiZI8eFB
KbU6nB6JGscZ8Fb1E4K3yOU9MvpzEfurIvYmyMcAdxFCiq5CSUjOug==
=B5D3
-----END PGP SIGNATURE-----

JSON