mailing list archives
Re: [EEYEB-20051117B] Apple iTunes (QuickTime.qts) Heap Overflow
From: Mark Senior <senatorfrog () gmail com>
Date: Wed, 11 Jan 2006 16:30:34 -0700
This must be an unintentional repost, surely?
From the description of CAN-2004-0431:
Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1
allows attackers to execute arbitrary code
From the description of CERT vuln (linked from the above CVE entry):
Upgrade to QuickTime version 6.5.1.
Date Public 02/18/2004
Date First Published 05/03/2004 03:30:59 PM
Date Last Updated 05/04/2004
On 1/11/06, Advisories <Advisories () eeye com> wrote:
EEYEB-20051117B Apple iTunes (QuickTime.qts) Heap Overflow
January 10, 2006
November 17, 2005
Patch Development Time (In Days):
Apple has released a patch for this vulnerability. The patch is
available via the Updates section of the affected applications.
This vulnerability has been assigned the CVE identifier CAN-2004-0431.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/