Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

iTunes, QuickTime Flaws Detailed

By BetaNews Staff, BetaNews

December 22, 2005, 10:39 AM

Security researcher Tom Ferris has posted details on a security vulnerability that affects the latest versions of Apple's iTunes and QuickTime software. A specially crafted .mov video file could cause a heap overflow and potentially give an attacker the ability to execute arbitrary code.

Ferris first reported the problem earlier this month and says he notified Apple at that time. He says both Mac OS X and Windows machines are affected, as are older versions of iTunes and QuickTime. Security firm Secunia has rated the vulnerability "moderately critical," as code execution has not been confirmed.

Add a Comment (5 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By jsc315

posted Dec 22, 2005 - 1:29 PM

thats a first for a mac.

Score: 0

By frankwick

posted Dec 23, 2005 - 10:37 AM

That's a first THIS MONTH for a mac. You will see more of these as the popularity of Macs increase. It's the price Apple will have to pay for "growing up."

Score: 0

By jessshaun

edited Dec 22, 2005 - 4:36 PM

No it's not... they are just quicker to fix them and most flaws do not become public.

Besides it's quicktime and iTunes... I know I'm not surprised...

Score: 0

By Fidelio

posted Dec 22, 2005 - 11:17 AM

And then, people attack Microsoft. Wasn't it that MacOS and Apple Software were bulletproof?

Who knows how many bugs like this are in MacOS... scary...

Score: 0

By lordnaastik

posted Dec 22, 2005 - 11:12 AM

Hope they fix it soon

Score: 0

Nov 21 - 6:51 PM ET Coalition urges better laws for e-mail and cell phone privacy

Nov 21 - 6:42 PM ET How is Internet advertising faring in this bad economy?

Nov 21 - 6:15 PM ET From out of the Amazon Cloud, an AWS winner emerges

Nov 21 - 5:20 PM ET Mufin music finder enters public beta, adds widgets

Nov 21 - 5:01 PM ET Google launches its SearchWiki semantics plug-in

Nov 21 - 4:57 PM ET Asus previews a slimmer, less costly Eee PC

Nov 21 - 4:32 PM ET New Adobe Media Player ushers in AIR 1.5

Nov 21 - 2:11 PM ET AT&T to add Pantech's low-cost C630 phone to 3G lineup

Nov 21 - 1:11 PM ET iPhone gets firmware 2.2 update

Nov 21 - 11:51 AM ET The Dell surprise: Higher earnings on lower revenue