The release of QuickTime 7.1.5 brings excelent news : 7 critical vulnerabilities have been patched. The impact of most of them are described as may lead to an application crash or arbitrary code execution

• CVE-ID: CVE-2007-0711 Impact: Viewing a maliciously-crafted 3GP file may lead to an application crash or arbitrary code execution
• CVE-ID: CVE-2007-0712 Impact: Viewing a maliciously-crafted MIDI file may lead to an application crash or arbitrary code execution
• CVE-ID: CVE-2007-0713 Impact: Viewing a maliciously-crafted Quicktime movie file may lead to an application crash or arbitrary code execution
• CVE-ID: CVE-2007-0714 Impact: Viewing a maliciously-crafted Quicktime movie file may lead to an application crash or arbitrary code execution
• CVE-ID: CVE-2007-0715 Impact: Viewing a maliciously-crafted PICT file may lead to an application crash or arbitrary code execution
• CVE-ID: CVE-2007-0716 Impact: Opening a maliciously-crafted QTIF file may lead to an application crash or arbitrary code execution
• CVE-ID: CVE-2007-0717 Impact: Opening a maliciously-crafted QTIF file may lead to an application crash or arbitrary code execution
• CVE-ID: CVE-2007-0718 Impact: Opening a maliciously-crafted QTIF file may lead to an application crash or arbitrary code execution
• CVE-ID: CVE-2006-4965 Impact: Viewing a maliciously-crafted QuickTime movie file or QTL file may lead to arbitrary JavaScript code execution in context of the local domain

Read the release notes

Share This

If you enjoyed this post, make sure you subscribe to my RSS feed!