About the security content of QuickTime 7.5

（セキュメモ経由,QuickTime 7.5を公開: Digital & AlfaRomeo BLOG経由）

Quicktime7.5がリリースされたとの事。5種類の脆弱性に対応している模様

PICT系とか開くだけで任意のコードが実行できるようで危険ですねぇ。

Impact: Opening a maliciously crafted PICT image file may lead to an unexpected application termination or arbitrary code execution

Impact: Opening a maliciously crafted AAC-encoded media content may lead to an unexpected application termination or arbitrary code execution

Impact: Opening a maliciously crafted PICT image file may lead to an unexpected application termination or arbitrary code execution

Impact: Viewing maliciously crafted Indeo video media content may lead to an unexpected application termination or arbitrary code execution

Impact: Playing maliciously crafted QuickTime content in QuickTime Player may lead to arbitrary code execution

ダウンロードは以下から。

Download QuickTime 7.7.9 for Windows

関連URL

http://www.us-cert.gov/current/index.html#apple_releases_quicktime_7_5

http://isc.sans.org/diary.html?storyid=4547&rss

Alerts | US-CERT

Apple，5件の脆弱性を修復した「QuickTime 7.5」を公開 | 日経 xTECH（クロステック）

MSFN - Where people go to know

QuickTimeのアップデート公開、深刻な脆弱性に対処 - ITmedia エンタープライズ

http://www.cyberpolice.go.jp/important/2008/20080611_144843.html