/>
X
Business
Home Business Companies Apple

Apple drops QuickTime patch

Apple on Wednesday dropped a patch for QuickTime to fix a arbitrary code execution vulnerability.Relative to other recent QuickTime patches this one was small--only one vulnerability that could lead to an "unexpected application termination or arbitrary code execution" if a user visits a malicious Web site.
Written by Larry Dignan, Contributor on

Apple on Wednesday dropped a patch for QuickTime to fix a arbitrary code execution vulnerability.

Relative to other recent QuickTime patches this one was small--only one vulnerability that could lead to an "unexpected application termination or arbitrary code execution" if a user visits a malicious Web site.

QuickTime 7.4.1 covers the following vulnerability (CVE-2008-0234). Here's Apple's description.

A heap buffer overflow exists in QuickTime's handling of HTTP responses when RTSP tunneling is enabled. By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.

This flaw has been around for about a month.

Editorial standards
Show Comments

Related

chat bot

What is ChatGPT and why does it matter? Here's what you need to know

A robot texting on a smartphone in space

How to use ChatGPT: What you need to know

How to use the new Bing

How to use the new Bing (and how it's different from ChatGPT)