 |
More of my sitesWinInfo Daily News
|
About this siteFor six years, the Internet Nexus served as my technology blog, but I've since started blogging at the SuperSite Blog instead. If you're looking for the blog, please head there. --Paul Thursday, March 04, 2004Apple QuickTime security vulnerabilityeEye: "Software Affected: Apple QuickTime. Severity: High. Remote Code Execution: Yes. Description: A vulnerability in default installations of the affected software that allows malicious code to be executed with little user interaction."Inquirer: "Apple QuickTime Player ... has a flaw that permits a hacker to gain access and run software on users' computers ... The glitch affects all QuickTime platforms. Apparently Apple was told about the problem on February 18 and there is no patch available." MacFixIt: "An advisory from eEye.com notes a "high severity" vulnerability in Apple's QuickTime software that "allows malicious code to be executed with little user interaction." No further details are available, as eEye.com's policy is to provide details to the affected vendor but not release those details to the public until the vulnerability has been patched by the vendor." IGM: "Apple was informed of the problem 11 days ago. In keeping with eEye's policies, the specifics of the vulnerability remain confidential until the company concerned releases a patch. Analysis: It's unclear whether this might affect Mac or Windows editions of QuickTime or both. Keep an eye out for a minor security [????] update soon." [ Posted at 11:19 AM | Permalink ]
|
|
Nexus Home | Nexus Archives | Email Paul
|