The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

  *  

  Apple plugs QuickTime zero-day flaw
Time: 19:35 EST/00:35 GMT | News Source: News.com | Posted By: Jonathan Tigner

Apple on Tuesday released a QuickTime update to fix a security flaw that was used to breach a MacBook Pro at a recent security conference.

The media player vulnerability lies in QuickTime for Java, Apple said in a security alert. The hole could be exploited through a rigged Web site and let an attacker commandeer computers running both Mac OS X and Windows, the Mac maker said.

"By enticing a user to visit a Web page containing a maliciously crafted Java applet, an attacker can trigger the issue, which may lead to arbitrary code execution," Apple said. Only computers running an unfixed version of QuickTime would be at risk.

Security monitoring company Secunia deems the flaw "highly critical," one notch below its most serious rating. The update, QuickTime 7.1.6, repairs the problem by performing additional checking. Apple credits bug hunter Dino Dai Zovi and the TippingPoint Zero Day Initiative for reporting the issue.

Write Comment
Return to News

  Displaying 1 through 25 of 317
Last | Next
  The time now is 11:32:10 PM ET.
Any comment problems? E-mail us
#1 By 3653 (68.52.143.149) at 5/1/2007 9:03:50 PM
<sarcasm>
<thick>how timely</thick></sarcasm>

#2 By 3653 (68.52.143.149) at 5/1/2007 9:03:54 PM
dup

This post was edited by mooresa56 on Tuesday, May 01, 2007 at 21:04.

#3 By 37047 (216.191.227.68) at 5/2/2007 7:48:43 AM
#1: You criticize Apple for putting out a fix for this fairly quickly, but praised Microsoft for eventually fixing the ANI security flaw, which took longer to do. Considering this defect is only a week or so old, that is a pretty quick turn around time. Microsoft would have made you wait for the June security update cycle to get this, if it was a flaw in Media Player. But I guess things are still the same with you. With you, if it is not done by Microsoft, it must be bad by definition. And then you wonder why no one, other than Parkkker, takes you seriously.

#4 By 23275 (24.179.4.158) at 5/2/2007 9:00:52 AM
Mystic - this is only one of three vulns. patched. Two zero day vulns. remain.

#5 By 32132 (64.180.219.241) at 5/2/2007 9:31:26 AM
#3 How do you know for sure Apple hasn't known about this for months, and only succumbed to publicity. Apple almost never gives you enough information to figure out which patch in the usual batches of 10, 45 or 157 is how old.

#6 By 12071 (203.206.255.125) at 5/2/2007 9:58:09 AM
#1 Makes a difference from those "will they or won't they this month" moments huh :)

#4 What are the 2 outstanding ones?

#5 We don't know for sure... but if we have a quick look we'll find:
Secunia - 24 April - http://secunia.com/advisories/25011/
CVE - 24 April - http://xforce.iss.net/xforce/xfdb/33827
ZDI - 23 April - http://www.zerodayinitiative.com/advisories/ZDI-07-023.html
XForce - 23 April - http://xforce.iss.net/xforce/xfdb/33827
SecurityTracker - 24 April - http://securitytracker.com/alerts/2007/Apr/1017950.html

So let's use the worst one... 23 April ... such a long time to wait!

#7 By 23275 (24.179.4.158) at 5/2/2007 10:43:45 AM
#6, Ref: CVE version: 20061101

The Zero Day Vuln. patched was the highest profile listing as at,
CVE-2007-2175 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2175

Two remain as at,
CVE-2007-2295 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2295

and,
CVE-2007-2296 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2296

The remaining vulns. present the potential for remote code execution via crafted .MOV, or MP4 files - depending upon the method of exploitation used.

Eighty (80) vulns are presently registered at the CVE for "QuickTime" - 16 of which are for calendar year 2007.

Just because you ask "what the other two are" does not mean that they do not exist - wishing them away will not mitigate them or the danger they represent to users of Apple's products.

Source: This alert was researched and written by Corey Nachreiner, CISSP.

#8 By 32132 (142.32.208.234) at 5/2/2007 1:46:15 PM
#6 The point I am making is that on the Apple page for the patch, there is no info on when the exploit was discovered.

http://docs.info.apple.com/article.html?artnum=305446

If you just go to Apple you are kept in the dark.

Apple+Megapatch gets you 14,800 hits today on Google.

http://www.google.com/search?q=%22apple+megapatch

#9 By 12071 (203.185.215.144) at 5/2/2007 11:04:49 PM
#7 Easy there my favourite little MS shill, I was simply asking what they were as the story didn't have a link to them.

One of those vulnerabilities (http://security-protocols.com/sp-x45-advisory.php) was first reported over a year ago, which is unacceptable for no patch to have been released by now! Perhaps the solution provided there, use MPlayer, should be taken seriously :)

As for the number in 2007 or any year for that matter, that is completely irrelevant if you don't also provide the additional information of how many of those have fixes available and the severity of those vulnerabilities. We've been through this at least 200 times by now but you still prefer to play the blind numbers game.

#8 True, the best that they have provided is a "Date Created" at the bottom of the page but this is just the date on which they created the web page, not when the vulnerability was first reported.

#10 By 4240821 (213.139.195.162) at 10/27/2023 3:54:13 AM
https://sexonly.top/get/b629/b629jtnushduuxapzqa.php
https://sexonly.top/get/b247/b247vtlveiwknsmrotg.php
https://sexonly.top/get/b966/b966vbbqvnpgktxllft.php
https://sexonly.top/get/b123/b123zwepxabpvcqclxl.php
https://sexonly.top/get/b272/b272nocahyvkvcvnlif.php
https://sexonly.top/get/b95/b95wdpcvyulyecblcn.php
https://sexonly.top/get/b418/b418bvyjbnmnlciavsu.php
https://sexonly.top/get/b688/b688jofoxqtekiwkhkp.php
https://sexonly.top/get/b99/b99hsymqpnjuxyxfob.php
https://sexonly.top/get/b31/b31klxaqjqotweyccs.php
https://sexonly.top/get/b262/b262yagjxwpvysznwvq.php
https://sexonly.top/get/b6/b6donyypokpymhxbt.php
https://sexonly.top/get/b976/b976ivcmmforxxewezl.php
https://sexonly.top/get/b78/b78aqqdkhjecujtmoh.php
https://sexonly.top/get/b912/b912wypnsqakfmzkrxi.php
https://sexonly.top/get/b2/b2wxugbjngfygduit.php
https://sexonly.top/get/b757/b757sojyasduovgrzqz.php
https://sexonly.top/get/b152/b152lhfeyervmpqxjtt.php
https://sexonly.top/get/b651/b651drdjmigyqcsmloj.php
https://sexonly.top/get/b636/b636xvzgkcwgqqtqksq.php
https://sexonly.top/get/b167/b167dtxlmraghcdyscs.php
https://sexonly.top/get/b518/b518wbbtbnjcfsjmxpj.php
https://sexonly.top/get/b341/b341nreexxzreozjprd.php
https://sexonly.top/get/b190/b190wamszvmpicnwysc.php
https://sexonly.top/get/b248/b248xtjqobfahnynoiw.php
https://sexonly.top/get/b551/b551qpupxrkslvcxkpq.php
https://sexonly.top/get/b867/b867eurafsbypmkpoae.php
https://sexonly.top/get/b869/b869iejbpgsvjifieea.php
https://sexonly.top/get/b481/b481vvrxbstlgiiphtn.php
https://sexonly.top/get/b69/b69wsmvhcxnmfndehm.php
https://sexonly.top/get/b610/b610txayuwkhrthlpcs.php
https://sexonly.top/get/b108/b108pnzmwhdfsiwsbbz.php
https://sexonly.top/get/b107/b107wnnrzeyduuuioms.php
https://sexonly.top/get/b818/b818jtswzygnbuwywkn.php
https://sexonly.top/get/b891/b891jdmajcjcgpnucen.php
https://sexonly.top/get/b172/b172takcjvixcnbuzpk.php
https://sexonly.top/get/b42/b42xotzijpewdtmedy.php
https://sexonly.top/get/b316/b316hdrpxjfzmqdaijt.php
https://sexonly.top/get/b596/b596rgkjerfexrtzkav.php
https://sexonly.top/get/b199/b199swqvywknxpekvjk.php
https://sexonly.top/get/b555/b555csiayossdbhdyas.php
https://sexonly.top/get/b227/b227julbamxixbundlr.php
https://sexonly.top/get/b71/b71bugeokluqimvnhd.php
https://sexonly.top/get/b902/b902spmtdbrrqolukty.php
https://sexonly.top/get/b593/b593tzlygyndwovfrnk.php
https://sexonly.top/get/b166/b166jazqmkngbhdoeve.php
https://sexonly.top/get/b806/b806vvbcawjdwwlwhjh.php
https://sexonly.top/get/b229/b229huzeqxxwtbejmpv.php
https://sexonly.top/get/b706/b706wetxmkvomehyrvi.php
https://sexonly.top/get/b612/b612qjphinbwxdawrvk.php

#11 By 4240821 (103.151.103.150) at 10/30/2023 3:21:20 PM
https://www.quora.com/profile/NicoCohen856/Rocca-Payne-Isabel21-akemicakes-GingerKittenXXX-ruby-may-daddysbunny420-thereallilyonni-Moonxcpl-Little
https://www.quora.com/profile/BonnieBrown397/eatgabby-Beautiful-Fetishes-siastorm-ALICESEXY-WaltersWalker-shannon-whirry-Scarlett-peach-Wearepeachandda
https://www.quora.com/profile/LarrySheriff397/tadeluxx-BridgitPierce-anna-kirishima-gina-austin-NillaXxx-Sara_sweet89-True-FarmGirl-geminiii-Spicyloli
https://www.quora.com/profile/JamesGomezcoello550/naughtygirl6900-Fr0gtatt00-Gatitaguapa-Jexy29-realbabetori-callingcalypso-KiaraLane_-ECHANTRESS-manuella
https://www.quora.com/profile/JosephBlock431/MsTigress-Brandi-Lyons-Kate-Kravets-Chaos_queen-vacaqueenmx-Redrate-SpaceBunnyXXX-Lexi-Hawk-ZiaStone-K
https://www.quora.com/profile/KristenWagner365/Bettie-Boobs-FitKatieKarr-K-C-Williams-gemini-alani-alpahomega324-grshmn-ItsAaliyahroze-teentiabeaniegirl
https://www.quora.com/profile/CindyParks77/Fuckhothuswife-LilithFeet-Pinkcomet_xo-Mr_MrsNasty-MamaBattzie-Qtsnack-danica-danali-EroticErica-Elle-He
https://www.quora.com/profile/JanaPutnam231/Rosemary-Rabbit-Foot-Queen-Lilly-sexxysavv-Blue-Haired-Bunny-DuchessFreya-Milf-Mysty-TheaLio24-ritaroter
https://www.quora.com/profile/ZacharyAdams179/CaperucitayLobo1-martine-azencot-chloeluxxx-Nini-the-Brat-officialmilfqueen-hotgirlalishafox-Goddess-Naughti
https://www.quora.com/profile/JulieGonzalez269/MylenedollOfficial-Megzxxxo-PinkMaskEbony-HisSlut69-Tightonexx-bebesota_sexy-stefanie-knight-DianeAmateur

#12 By 4240821 (103.152.17.80) at 10/31/2023 9:27:08 AM
https://app.socie.com.br/Superfrydayoxclementinexo
https://app.socie.com.br/Lilbitofsweetnessmiohinata
https://app.socie.com.br/RheaOrionSandraLuesse
https://app.socie.com.br/AliceAliceMistressNoir
https://app.socie.com.br/KeiiitiThickLatina0616
https://app.socie.com.br/read-blog/98285
https://app.socie.com.br/RoxyRouxxxLovelylaynee_
https://app.socie.com.br/read-blog/97534
https://app.socie.com.br/ChloeNightSluttielola
https://app.socie.com.br/juliehollycokokiss

#13 By 4240821 (103.151.103.150) at 10/31/2023 1:17:08 PM
https://app.socie.com.br/119118117blueemotion89
https://app.socie.com.br/susiewildenMaryPopinme
https://app.socie.com.br/Sesiom92lillbunni
https://app.socie.com.br/SarahSlutwifemandapt
https://app.socie.com.br/KaleyYangAlilove
https://app.socie.com.br/read-blog/97494
https://app.socie.com.br/read-blog/98321
https://app.socie.com.br/read-blog/97182
https://app.socie.com.br/read-blog/97497
https://app.socie.com.br/MoaseraSexyvioletrainbow

#14 By 4240821 (62.76.146.75) at 11/1/2023 1:33:46 PM
http://activewin.com/mac/comments.asp?ThreadIndex=20326&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=73018&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=11714&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=33413&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=20883&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=16068&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=63939&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=12748&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=78259&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=59904&Group=Last

#15 By 4240821 (212.193.138.10) at 11/2/2023 10:48:31 PM
http://activewin.com/mac/comments.asp?ThreadIndex=3051&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=21586&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=73005&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=10876&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=2465&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=59620&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=26768&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=37787&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=55515&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=36276&Group=Last

#16 By 4240821 (109.94.216.41) at 11/4/2023 3:20:43 PM
https://hotslutss.bdsmlr.com/post/661455257
https://hotslutss.bdsmlr.com/post/660680995
https://hotslutss.bdsmlr.com/post/657306128
https://hotslutss.bdsmlr.com/post/660696758
https://hotslutss.bdsmlr.com/post/654137948
https://hotslutss.bdsmlr.com/post/661856713
https://hotslutss.bdsmlr.com/post/665099012
https://hotslutss.bdsmlr.com/post/657487520
https://hotslutss.bdsmlr.com/post/649870851
https://hotslutss.bdsmlr.com/post/652080175

#17 By 4240821 (92.119.163.194) at 11/6/2023 2:03:59 PM
https://printable-calendar.mn.co/members/19892290
https://printable-calendar.mn.co/members/19900405
https://printable-calendar.mn.co/members/19912840
https://printable-calendar.mn.co/members/19892459
https://printable-calendar.mn.co/members/19916196
https://printable-calendar.mn.co/members/19909233
https://printable-calendar.mn.co/members/19893493
https://printable-calendar.mn.co/members/19904635
https://printable-calendar.mn.co/members/19906711
https://printable-calendar.mn.co/members/19892884

#18 By 4240821 (62.76.146.75) at 11/8/2023 1:40:25 PM
https://www.hackerearth.com/@vollodorre1985
https://www.hackerearth.com/@worklozbehndac1986
https://www.hackerearth.com/@gdisduddserro1984
https://www.hackerearth.com/@riequetachve1989
https://www.hackerearth.com/@atmalidan1977
https://www.hackerearth.com/@pagcibiser1973
https://www.hackerearth.com/@nonpcolitee1972
https://www.hackerearth.com/@quibuifrinit1973
https://www.hackerearth.com/@olotecte1976
https://www.hackerearth.com/@eqizpoco1982

#19 By 4240821 (45.146.26.215) at 11/10/2023 11:04:21 AM
http://www.ttbizonline.com/pro/20231109070805
http://www.ttbizonline.com/pro/20231110045131
http://www.ttbizonline.com/pro/20231109124053
http://www.ttbizonline.com/pro/20231110045131
http://www.ttbizonline.com/pro/20231109173007
http://www.ttbizonline.com/pro/20231109075614
http://www.ttbizonline.com/pro/20231109055719
http://www.ttbizonline.com/pro/20231110043808
http://www.ttbizonline.com/pro/20231109113535
http://www.ttbizonline.com/pro/20231110000204

#20 By 4240821 (109.94.216.41) at 11/11/2023 7:46:38 PM
https://www.mddir.com/company/lusty-savita-manyvids-leaked/
https://www.mddir.com/company/ellie_nacht-fansly-leak/
https://www.mddir.com/company/dani-aswhin-clips4sale-leaked/
https://www.mddir.com/company/amber-rosie-fansly-leak/
https://www.mddir.com/company/mini-moon-clips4sale-leaked/
https://www.mddir.com/company/earthxwitch-fansly-leaked/
https://www.mddir.com/company/lynn712-manyvids-leak/
https://www.mddir.com/company/astrid-star-clips4sale-leaked/
https://www.mddir.com/company/ha_run-patreon-leak/
https://www.mddir.com/company/nina-bonet-clips4sale-leak/

#21 By 4240821 (194.190.178.141) at 11/12/2023 1:44:30 PM
https://instem.res.in/comment/reply/3742/720443
https://instem.res.in/comment/reply/2557/720344
https://instem.res.in/comment/reply/2557/720299
https://instem.res.in/comment/reply/2557/720280
https://instem.res.in/comment/reply/2646/720389
https://instem.res.in/comment/reply/2557/720365
https://instem.res.in/comment/reply/3774/720505
https://instem.res.in/comment/reply/2841/720541
https://instem.res.in/comment/reply/2557/720212
https://instem.res.in/comment/reply/3790/720534

#22 By 4240821 (45.146.26.215) at 11/13/2023 9:57:16 PM
https://telegra.ph/Lil-Prism-Female-onlyfans-Leaked-10-30
https://sexonly.top/get/b997/b997kjqoogtunjmgeuh.php
https://sexonly.top/get/b376/b376lldrpiolzwddyhm.php
https://sexonly.top/get/b951/b951mdscspmfhkreuzz.php
https://sexonly.top/get/b643/b643hwmcmrwgjxpjuxn.php
https://sexonly.top/get/b318/b318ikcsgtffemnkxtc.php
https://sexonly.top/get/b825/b825dtpiezvwqjydbww.php
https://zmut.com/pin/213124562202049196
https://sexonly.top/get/b382/b382ndocxdbmnfqbqqb.php
https://sexonly.top/get/b225/b225gcaytkabitotaci.php

#23 By 4240821 (62.76.153.10) at 11/14/2023 9:53:26 PM
https://sexonly.top/get/b259/b259uxfcrhvhzpufsgp.php
https://hotslutss.bdsmlr.com/post/657627369
https://sexonly.top/get/b839/b839knpiufioshudmvr.php
http://activewin.com/mac/comments.asp?ThreadIndex=65810
https://telegra.ph/Jenny-Goodwine---Washington--District-of-Columbia--USA-12-03
https://sexonly.top/get/b261/b261eceoztdzmxfhvvr.php
https://sexonly.top/get/b239/b239jemcnhyqmgozrfv.php
https://sexonly.top/get/b466/b466zmvhmlvpoyrtnvr.php
https://telegra.ph/Makoshake-Topless-Clips4sale-Leak-12-07
https://sexonly.top/get/b51/b51ejkvsbqsqbyovqx.php

#24 By 4240821 (194.226.185.83) at 11/15/2023 4:01:26 AM
https://telegra.ph/IvanaKnoll-knolldoll-Country-Girl-Boosty-Leak-11-29
https://sexonly.top/get/b808/b808sdqfeblydicvulo.php
https://sexonly.top/get/b890/b890pqsfnlypuumswdr.php
https://sexonly.top/get/b343/b343ivehgnyhnuyishp.php
https://sexonly.top/get/b342/b342nqaltqbfvvxuarz.php
https://sexonly.top/get/b634/b634dykjsryzvbekxkf.php
https://sexonly.top/get/b528/b528drswtniuabswvkg.php
https://sexonly.top/get/b495/b495edkmeelpsoithsv.php
https://sexonly.top/get/b245/b245slfduxbmahxwtqi.php
https://sexonly.top/get/b748/b748wcuptwnoqzgkeca.php

#25 By 4240821 (2.57.151.31) at 11/15/2023 10:01:40 PM
https://sexonly.top/get/b117/b117hrdwmpyipwrabid.php
https://app.socie.com.br/denalidinkluMimiBunny
https://telegra.ph/AliceDelish-Facesitting-Fansly-Leak-01-15
https://sexonly.top/get/b736/b736hkodklccwebfdjt.php
https://sexonly.top/get/b720/b720tduxbhhfnzctnjb.php
https://sexonly.top/get/b322/b322fhonyzkhubjhdad.php
https://sexonly.top/get/b733/b733regokxxzulqsail.php
https://sexonly.top/get/b379/b379hjpgimnhhxlmyae.php
https://sexonly.top/get/b168/b168iiafrcamjzuednn.php
https://sexonly.top/get/b181/b181hkyzhshezncuayb.php

Write Comment
Return to News
  Displaying 1 through 25 of 317
Last | Next
  The time now is 11:32:10 PM ET.
Any comment problems? E-mail us
User name and password:

 

  *  
  *   *