About the security content of QuickTime 7.5
(セキュメモ経由,QuickTime 7.5を公開: Digital & AlfaRomeo BLOG経由)
Quicktime7.5がリリースされたとの事。5種類の脆弱性に対応している模様
PICT系とか開くだけで任意のコードが実行できるようで危険ですねぇ。
- Impact: Opening a maliciously crafted PICT image file may lead to an unexpected application termination or arbitrary code execution
- Impact: Opening a maliciously crafted AAC-encoded media content may lead to an unexpected application termination or arbitrary code execution
- Impact: Opening a maliciously crafted PICT image file may lead to an unexpected application termination or arbitrary code execution
- Impact: Viewing maliciously crafted Indeo video media content may lead to an unexpected application termination or arbitrary code execution
- Impact: Playing maliciously crafted QuickTime content in QuickTime Player may lead to arbitrary code execution
ダウンロードは以下から。
関連URL
- http://www.us-cert.gov/current/index.html#apple_releases_quicktime_7_5
- http://isc.sans.org/diary.html?storyid=4547&rss
- Alerts | US-CERT
- Apple,5件の脆弱性を修復した「QuickTime 7.5」を公開 | 日経 xTECH(クロステック)
- MSFN - Where people go to know
- QuickTimeのアップデート公開、深刻な脆弱性に対処 - ITmedia エンタープライズ
- http://www.cyberpolice.go.jp/important/2008/20080611_144843.html