You're viewing an article in iPO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site: Potential Security Flaw in iTunes, QuickTime
Potential Security Flaw in iTunes, QuickTime
Wednesday, December 21st, 2005 at 8:45 AM - by Staff
Security-Protocols is reporting that there is a possible security problem in QuickTime and iTunes for both Mac and Windows users. The security risk, called a Heap Overflow, affects Mac OS X 10.4.3 and Windows PCs capable of running Win32 code. The flaw was tested with QuickTime 7.0.3 and iTunes 6.0.1, but the report claims that all version are at risk.
The security risk takes advantage of a Heap Overflow caused by a specially crafted .MOV file to crash QuickTime and iTunes, allowing an attacker to potentially run arbitrary code.
The report also notes that Apple has been notified of the security issue. Apple does not publicly respond to security issues until a fix is available.
- Editorial - It's Time for the Promised, Unlocked iPhone 3Gs
- Wal-Mart Employees Confirm iPhone Rumors
- The RIAA vs. 19 Year Old Cancer Patient
- Mac Gaming News - Gameloft Brings Hero of Sparta to the iPhone
- Free on iTunes - Return to the Moon, JPL, Stranger Things And More
- Apple Claims 300 Million App Store Downloads, 10,000 Apps Available