Each of the vulnerabilities affects users of MacOS 10.3.9, 10.4.9 and 10.5 as well as Windows XP and Vista.
Six of the vulnerabilities could allow attackers to remotely execute code on the targeted machine.
Three of the remote code execution vulnerabilities could be exploited when the user launches a specially-crafted movie file.
Two are exploited by way of malformed Pict files, and one can be targeted by way of a specially-crafted QuickTime VR file.
The update also addresses a flaw in the way QuickTime handles untrusted Java applets. Apple said that this could allow an attacker to run malicious Java code on the user's machine.
The update fixes the issue by preventing untrusted applets from running QuickTime's Java components.
Users can obtain the update through Apple's Software Update utility or the Apple Downloads site.
Apple releases seven QuickTime fixes
By
Shaun Nichols
on Nov 12, 2007 7:22AM
Apple has patched seven vulnerabilities in the latest version of QuickTime affecting the Windows and MacOS X versions of the media player software.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
How Covid highlighted the importance of digital fitness in the public sector
Partner Content
Why IT departments need to rethink procurement
Promoted Content
The new way to work needs a new way to lead
Promoted Content
Why just having the right technology isn't enough
Sponsored Whitepapers
Develop a resiliency strategy that integrates risk analysis & continuity management
.jpg&w=100&c=1&s=0)
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
.jpg&w=100&c=1&s=0)
Optimise your operations with APM and AI-Powered insights
Forrester Study: Understand the total economic impact of using IBM Cloud Pak™ for Data
Technology skill development: The strategy for building better teams
