QuickTime v 7.4.5 Patches 11 Flaws

Techtree News Staff, Apr 04, 2008 1238 hrs IST

Three of the 11 are exclusive to Windows while the remaining eight are common to both Windows and Mac versions of QuickTime Media Player.

E-Mail Print

Late yesterday, Apple released QuickTime Media Player version 7.4.5 that patches 11 flaws in the software; three of which are exclusive to the Windows platform while the remaining eight are common to both Windows and Mac versions.

Here's quickly looking at all eleven patches:

CVE-2008-1013 fixes a flaw wherein an implementation issue in QuickTime for Java allows untrusted Java applets to de-serialize objects provided by QTJava.

CVE-2008-1014 addresses a vulnerability whereby specially-crafted QuickTime movies can automatically open external URLs, which may lead to information disclosure.

CVE-2008-1015 fixes another movie file flaw wherein a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.

Patches -- CVE-2008-1016, CVE-2008-1017, and CVE-2008-1018 -- all address flaws wherein downloading malicious movies may lead to code execution and application termination.

CVE-2008-1019 fixes a flaw whereby a maliciously crafted PICT image file may lead to an unexpected application termination or arbitrary code execution.

CVE-2008-1020, CVE-2008-1021 are applicable exclusively to Windows Vista and XP SP2 and address a vulnerability wherein opening a maliciously crafted PICT image file may lead to unexpected application termination or arbitrary code execution. Apple has credited an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting the flaws.

CVE-2008-1022, applicable to both Windows and Mac platforms, deals with a flaw wherein viewing a maliciously crafted QuickTime VR movie file may lead to unexpected application termination or arbitrary code execution. Apple has again credited an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting this flaw.

The last patch, the CVE-2008-1023 is available exclusively for the Windows platform and addresses a flaw wherein opening a maliciously crafted PICT image file may lead to unexpected application termination or arbitrary code execution.

For users of Mac OS X 10.3, 10.4, and 10.5, they can update their QuickTime software using the operating system's "Software Update" feature in the Apple menu. Windows users meanwhile can download the update by opening QuickTime, and using the 'Update Existing Software' feature available in the help menu. Meanwhile, details of the updates can be found here.

VIEW ALL LATEST

New Macbook Pro Pic Leaked

News > Gadgets , October 14, 2008 1213 hrs IST

Official launch today ...

Sony Xperia X1 Unboxed

News > Gadgets , October 14, 2008 1112 hrs IST

Also gets compared with the HTC Touch Pro ...

Now, Visit the Forbidden City Virtually

News > Internet , October 14, 2008 1153 hrs IST

Take a tour of the world renowned palace for free ...

Apple Dumping Intel for Nvidia?

News > Gadgets , October 14, 2008 1236 hrs IST

Speculations run rife before the launch ...

New Chatbot Closer To Passing Turing AI Test

News > Software , October 14, 2008 0847 hrs IST

Almost as annoying as a human ...

Jetway HA07

Reviews > Basics > Motherboards , October 13, 2008 1301 hrs IST

Jetway brings out a new board for the enthusiast on a budget. ...

Three best free software updaters

Reviews > Software > Productivity , October 12, 2008 1000 hrs IST

These are some of the best software updaters I've come across in my quest to keep my system up-to-date. ...

Motorola MOTOZINE ZN5

Reviews > Mobile Computing > Mobile Phones , October 10, 2008 1916 hrs IST

This is Motorola's first attempt at a 5MP camera and that too a Kodak Imaging branded camera. ...

Sharp LC-32A33M

Reviews > Basics > Specials , October 10, 2008 2122 hrs IST

Take a look at this elegant 32-inch LCD TV and find out if it's a worthy buy. ...

Turn your PC into a Karaoke Machine

Techtree.com India > Guides > Software Guides , October 09, 2008 1000 hrs IST

Let the singer within you cut loose - we show you how. ...

Western Digital - Passport Elite Portable Hard Drives 320 GB, USB 2.0

User Reviews , October 08, 2008 1804 hrs IST

Must have for your back-up, storage needs. Sleek design, handy, portable, noiseless and most of all efficient and fast. Better than most portable drives I have used. ...

Nokia - 5220 XpressMusic

User Reviews , October 06, 2008 1249 hrs IST

Great phone for he music freaks, and has good design too. Overall good phone to have, though can wait for price to drop further ...

Nokia - 3110 classic

User Reviews , September 24, 2008 2105 hrs IST

The phone is a gr8 piece only if doesnt has the sw bug which most ofthe 3110c`s have.The phone restarts on its own and sometimes keeps on doing that for hours.Otherwise the phone is quite good...all the features loaded within suitable range with decent looks.But I would recomment 5200 as it has same features and is almost the same range and DOESNT RESTARTS.If u dont mind slider phones,go for 5200. ...

Sify - Nostale

User Reviews , September 22, 2008 1228 hrs IST

It is of no use ...

Jabra - BT8010

User Reviews , September 11, 2008 1956 hrs IST

Buy the Plantronics Voyager 855 ...

Mirror's Edge: PS3 Hands on Impression

Games > Previews , October 07, 2008 1737 hrs IST

One of the most visually stunning game ...

Flatout Ultimate Carnage: PC Review

Games > Reviews , October 01, 2008 1842 hrs IST

Here's a game that lets you take part in various races, trash your opponents, and win more boost while doing so. ...

Facebreaker [PS3 Review]

Games > Reviews , September 25, 2008 1626 hrs IST

Facebreaker is neither for the hardcore, nor for the casual gaming audience. It succeeds only in offering a frustrating experience ...

Mercenaries 2: World in Flames [PS3 Review]

Games > Reviews , September 22, 2008 1753 hrs IST

Meet interesting people, blow them up. If you like explosions, this is the game for you ...

Too Human -- Review

Games > Reviews , September 16, 2008 1609 hrs IST

An experience Too Ordinary. Too Human offers little more than frustration -- at both its execution and at the potential that it has squandered ...

WildBit Viewer

Downloads > Multimedia Tools , October 14, 2008 1103 hrs IST

WildBit Viewer is a compact & fast image viewer .. ...

Kruptos

Downloads > Security and Privacy Tools , October 13, 2008 1114 hrs IST

Kruptos 2 is a very easy-to-use and powerful 128 .. ...

MDB Viewer Plus

Downloads > Productivity Tools , October 12, 2008 1000 hrs IST

MDB Viewer Plus is a freeware viewer plus an editor .. ...

Rise and Fall: Civilizations at War

Downloads > Games , October 11, 2008 0900 hrs IST

Midway's Rise and Fall Civilizations at War is now .. ...

Networx

Downloads > Productivity Tools , October 10, 2008 1123 hrs IST

NetWorx is a simple and free, yet powerful tool .. ...

Why-Fi?

Editor Talks , October 01, 2008 1858 hrs IST

While I endorse securing home and private networks, I am totally against the suggestion of abolishing internet hotspots. ...

Freedom to Connect

Editor Talks , August 07, 2008 1701 hrs IST

The Telecom sector is buzzing. Are we set to turn a new leaf? ...

Man and Machine

Editor Talks , July 02, 2008 1909 hrs IST

Any new idea that doesn't sound absurd to begin with, cannot be revolutionary. ...

It's Showtime!

Editor Talks , May 29, 2008 1926 hrs IST

A show about the site, new technology and the readers too; what say? ...

Of Air and Higher Ground

Editor Talks , April 24, 2008 1940 hrs IST

The Macbook Air isn't a great product but a step in the right direction. ...

Ads That Target You Using Your Skin

Future Watch , October 14, 2008 0850 hrs IST

Prepare for the new Body Area Network.. ...

Carbon Nanotubes Make Superglue Look Silly

Future Watch , October 10, 2008 1151 hrs IST

New material will change the face of glue forever.. ...

See-through Cars Will Show You Everything

Future Watch , October 09, 2008 0755 hrs IST

Will (hopefully) prevent you from dinging your prec.. ...

Control Games With Your Brain

Future Watch , October 08, 2008 1324 hrs IST

But don't let them control you.. ...

Robot That Will Save Us From Our Own Future

Future Watch , October 07, 2008 1044 hrs IST

Here comes a 'friendly' robot that will help us save the.. ...

INTEL (R) PENTIUM 4 IS MY PC ITS MOTHERB...

Problems and Solutions , October 14, 2008 1212 hrs IST

Sir One Mr Abhisek Misra working in you...

General , October 14, 2008 0805 hrs IST

Motorola A180!!!!! That my first touchy ...

Buying Advice & Price / Dealer Info , October 14, 2008 0633 hrs IST

i hav shortlisted three of these caMS, ...

Buying Advice & Price / Dealer Info , October 14, 2008 0108 hrs IST

when i turn on computer,. my computer ha...

Problems and Solutions , October 13, 2008 2315 hrs IST

its not about only rohan guys....

Hardware , by s.rajat from Mumbai

err so after u leave for ur jo...

Hardware , by rokza from Mumbai

good companies for nvidia card...

Hardware , by rokza from Mumbai

Ok...I'll see for it if I go w...

Hardware , by acemanoj from Mumbai

hi lloyd...its rohan not rohit...

Hardware , by rohan30186 from Mumbai

please provide the adress and phone numberof ..

by N. venu arvind from hyderabad on October 14, 2008 1229 hrs IST

Acer Opens New Service Centers

suggest me nokia handset below 3000 & activities ..

by babloo from bangalore on October 14, 2008 1228 hrs IST

Diwali Offers: Nokia Exchange & Upgrade

hi, they did't have a Lancard Option I Want ..

by satish from Hyderabad on October 14, 2008 1221 hrs IST

New Epson Stylus Photo 1390 A3+

Sir, This is Sachin Badkul From M/S ..

by Badkul Brothers from Sagar (M.P) on October 14, 2008 1218 hrs IST

AirTel Launches Digital TV

hi i am too sexy if u need in gal friend ..

by rachna from delhi on October 14, 2008 1218 hrs IST

Nokia 2300

Certified SAP Tra...

by soinfotech (www.soinfotech.com) from Delhi on October 13, 2008 1227 hrs IST

Training

Ducat IT Training...

by Ducat: IT Training Institute from NOIDA on October 13, 2008 1224 hrs IST

Consultancy

MCA Final Year Li...

by Ducat: IT Training Institute from NOIDA on October 13, 2008 1221 hrs IST

Consultancy

Embedded / Oracle...

by Ducat: IT Training Institute from NOIDA on October 13, 2008 1221 hrs IST

Training

Ducat: IT Trainin...

by Ducat: IT Training Institute from NOIDA on October 13, 2008 1219 hrs IST

Training

MOST REQUESTED REVIEWS

Products Brands

Mobile Phones (346)

Notebooks (133)

Digital Cameras (95)

Monitors (52)

See All

USER REVIEWS

Request Write

Product Category:

Brand

Model

Product Category:

Brand

Model

QuickTime v 7.4.5 Patches 11 Flaws

Write a comment

VIEW ALL LATEST

MOST REQUESTED REVIEWS

USER REVIEWS

MOST POPULAR NEWS

MOST POPULAR REVIEWS

MOST POPULAR GAMES

MOST POPULAR DOWNLOADS