You're viewing an article in iPO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site: Potential Security Flaw in iTunes, QuickTime

News

Potential Security Flaw in iTunes, QuickTime

Wednesday, December 21st, 2005 at 8:45 AM - by Staff

Security-Protocols is reporting that there is a possible security problem in QuickTime and iTunes for both Mac and Windows users. The security risk, called a Heap Overflow, affects Mac OS X 10.4.3 and Windows PCs capable of running Win32 code. The flaw was tested with QuickTime 7.0.3 and iTunes 6.0.1, but the report claims that all version are at risk.

The security risk takes advantage of a Heap Overflow caused by a specially crafted .MOV file to crash QuickTime and iTunes, allowing an attacker to potentially run arbitrary code.

The report also notes that Apple has been notified of the security issue. Apple does not publicly respond to security issues until a fix is available.


Warning: include(/var/www/bbm/ipodobserver.com/htdocs/comments/includes/constants.php) [function.include]: failed to open stream: No such file or directory in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 188

Warning: include() [function.include]: Failed opening '/var/www/bbm/ipodobserver.com/htdocs/comments/includes/constants.php' for inclusion (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 188

Warning: include(/var/www/bbm/ipodobserver.com/htdocs/comments/includes/template.php) [function.include]: failed to open stream: No such file or directory in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 189

Warning: include() [function.include]: Failed opening '/var/www/bbm/ipodobserver.com/htdocs/comments/includes/template.php' for inclusion (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 189

Warning: include(/var/www/bbm/ipodobserver.com/htdocs/comments/includes/sessions.php) [function.include]: failed to open stream: No such file or directory in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 190

Warning: include() [function.include]: Failed opening '/var/www/bbm/ipodobserver.com/htdocs/comments/includes/sessions.php' for inclusion (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 190

Warning: include(/var/www/bbm/ipodobserver.com/htdocs/comments/includes/auth.php) [function.include]: failed to open stream: No such file or directory in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 191

Warning: include() [function.include]: Failed opening '/var/www/bbm/ipodobserver.com/htdocs/comments/includes/auth.php' for inclusion (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 191

Warning: include(/var/www/bbm/ipodobserver.com/htdocs/comments/includes/functions.php) [function.include]: failed to open stream: No such file or directory in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 192

Warning: include() [function.include]: Failed opening '/var/www/bbm/ipodobserver.com/htdocs/comments/includes/functions.php' for inclusion (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 192

Warning: include(/var/www/bbm/ipodobserver.com/htdocs/comments/includes/db.php) [function.include]: failed to open stream: No such file or directory in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 193

Warning: include() [function.include]: Failed opening '/var/www/bbm/ipodobserver.com/htdocs/comments/includes/db.php' for inclusion (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 193

Fatal error: Call to undefined function encode_ip() in /var/www/bbm/ipodobserver.com/htdocs/comments/common.php on line 204