Log in

View Full Version : iTunes and Quicktime Flaw Discovered


Kent Pribbernow
12-23-2005, 12:00 AM
"Security researcher Tom Ferris has posted details on a security vulnerability that affects the latest versions of Apple's iTunes and QuickTime software. A specially crafted .mov video file could cause a heap overflow and potentially give an attacker the ability to execute arbitrary code. Ferris first reported the problem earlier this month and says he notified Apple at that time. He says both Mac OS X and Windows machines are affected, as are older versions of iTunes and QuickTime. Security firm Secunia has rated the vulnerability "moderately critical," as code execution has not been confirmed."

http://www.digitalmediathoughts.com/images/bug.gif

This isn't surprising. Similar security issues have afflicted Windows Media Player and RealPlayer in the past, so it was only a matter of time before vulnerabilities were discovered in Quicktime as well. This should put an end to the delusional belief that Apple's software is somehow infallible and cannot be breached. :roll:

Mr. MacinTiger
12-23-2005, 12:26 AM
Even if OS X is not foolproof, at this point it is a HELL of a lot better than anything MS offers. :twisted:

Macguy59
12-23-2005, 03:08 AM
Nice overstatement Kent :roll: So long as the user is not stupid enough to run as root there is only a limited amount of damage things like this can do.