Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Apple QuickTime Java Handling Unspecified Code Execution - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Apple QuickTime Java Handling Unspecified Code Execution
Secunia Advisory: SA25011


Secunia has posted an advisory today that involves Apple Quicktime Java. According to the advisory this is a highly critical problem that affects versions 3.x, 4.x, 5.x, 6.x and 7.x. The vulnerability is due to an unspecified error within the Java handling in QuickTime. This can be exploited allowing execution of arbitrary code when a user visits a malicious web site using a Java-enabled browser e.g. Safari or Firefox.

For more information see:

secunia.com/advisories/25011/
Deborah

278 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!