Home / mailings

PDF

APPLE-SA-2010-08-12-1 QuickTime 7.6.7

Posted on 12 August 2010
Apple Security-announce

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2010-08-12-1 QuickTime 7.6.7

QuickTime 7.6.7 is now available and addresses the following:

QuickTime
CVE-ID: CVE-2010-1799
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A stack buffer overflow exists in QuickTime's error
logging. Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution. This
issue is addressed by disabling debug logging. This issue does not
affect Mac OS X systems.


QuickTime 7.6.7 may be obtained from the Software Update
application, or from the QuickTime Downloads site:
http://www.apple.com/quicktime/download/

For Windows 7 / Vista / XP SP2 or later
The download file is named: "QuickTimeInstaller.exe"
Its SHA-1 digest is: 38a132fe1969e617f33c00ebae3ce34a7695113f

QuickTime 7.6.7 is not presented to Mac OS X systems.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

 

TOP