Published: 2008-01-21T11:24+00:00
Last Updated: 2008-02-25T00:00+00:00
TRTA08-016A
Apple QuickTime Updates for Multiple Vulnerabilities
Overview
Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
Event Information
| Date (UTC) | Description |
| 2008-02-06 20:58 |
Apple Article ID: 307407: About the security content of QuickTime 7.4.1 |
| 2008-01-16 20:36 |
US-CERT TA08-016A: Apple QuickTime Updates for Multiple Vulnerabilities Via US-CERT Mailing List Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. |
| 2008-01-16 18:18 |
US-CERT Apple Releases Security Update to Address Multiple Vulnerabilities in QuickTime US-CERT Current Activity Apple has released QuickTime 7.4, iPhone v1.1.3, and iPod touch v1.1.3 to address multiple vulnerabilities in these products. The impacts of these vulnerabilities include arbitrary code execution, application termination, authentication bypass, and cross-site scripting. |
| 2008-01-15 22:09 |
SANS Internet Storm Center Apple releases QuickTime 7.4 with security fixes Apple has just released QuickTime 7.4 which fixes several security vulnerabilities. |
| 2008-01-14 |
Buffer-overflow in Quicktime Player 7.3.1.70 Vulnerability Proof Of Concept (Buffer overflow in Apple Quicktime Player - CVE-2008-0234) The problem is a buffer-overflow which happens during the handling of the HTTP error message and its visualization in the LCD-like screen which contains info about the status of the connection. #Cid: quicktimebof.zip |
| 2008-01-11 |
Apple Article ID: 307301: About the security content of QuickTime 7.4 |
| 2008-01-10 |
Buffer-overflow in Quicktime Player 7.3.1.70 Vulnerability Proof Of Concept (Buffer overflow in Apple Quicktime Player - CVE-2008-0234) The problem is a buffer-overflow which happens during the filling of the LCD-like screen containing info about the status of the connection. #Cid: 27225.txt |
| 2007-10-19 |
TippingPoint TPTI-08-01: Apple Quicktime Image File IDSC Atom Memory Corruption Vulnerability IDSC Atom Memory Corruption Vulnerability (CVE-2008-0033) Vulnerability Reported |
| 2007-09-13 |
iDefense Apple QuickTime Macintosh Resource Processing Heap Corruption Vulnerability Resource Processing Heap Corruption Vulnerability (CVE-2008-0032) Vulnerability Reported The vulnerability specifically exists in the handling of Macintosh Resources embedded in QuickTime movies. When processing these records, a length value stored in the resource header is not properly validated. When a length value larger than the actual buffer size is supplied, potentially exploitable memory corruption occurs. |