Status Tracking Note TRTA07-065A

Apple Releases Security Updates for QuickTime

Overview

Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
Event Information


Date (UTC)Description
2007-03-06 22:00 US-CERT
Apple Releases Security Update to Address Multiple QuickTime Vulnerabilities
Apple has released QuickTime 7.1.5 Update to address multiple vulnerabilities in QuickTime. The impacts of these vulnerabilities include remote code execution and denial of service.
2007-03-06 19:04 US-CERT
TA07-065A: Apple Releases Security Updates for QuickTime
Via US-CERT Mailing List
2007-03-06 08:57 Sowhat
Apple QuickTime udta ATOM Integer Overflow
Advisory Updated (The CVE-2006-1460 does not patch the root cause of this vulnerability.)
An integer overflow exists in QuickTime's handling of UDTA atoms in movie files. (CVE-2007-0714)
2007-03-05 SANS Internet Storm Center
Security update for QuickTime (7.1.5)
Apple released a new version of QuickTime (7.1.5) which contains numerous bug fixes and a lot of important security patches.
2007-03-05 Apple
Article ID: 305149: About the security content of QuickTime 7.1.5
2006-12-06 iDefense
Apple QuickTime Color Table ID Heap Corruption Vulnerability
A heap buffer overflow exists in QuickTime's handling of QTIF files.(CVE-2007-0718)
Vulnerability Reported
2006-08-14 Zero Day Initiative (ZDI)
ZDI-07-010: Apple Quicktime UDTA Parsing Heap Overflow Vulnerability
An integer overflow exists in QuickTime's handling of UDTA atoms in movie files. (CVE-2007-0714)
Vulnerability Reported
2006-05-06 Sowhat
Apple QuickTime udta ATOM Integer Overflow
An integer overflow exists in QuickTime's handling of UDTA atoms in movie files. (CVE-2006-1460)
Vulnerability Reported
2006-03-09 Piotr Bania
Apple QuickTime Player Remote Heap Overflow
Apple QuickTime movie heap buffer overflow vulnerability(CVE-2007-0713)
Vulnerability Reported


Date first published (UTC): 2007-03-08T23:18+00:00
Date last updated (UTC): 2007-03-08T23:18+00:00