Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: InfoSec Handlers Diary Blog - Apple QuickTime Java Handling Unspecified Code Execution InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Apple QuickTime Java Handling Unspecified Code Execution

Published: 2007-04-24
Last Updated: 2007-04-24 21:54:43 UTC
by Deborah Hale (Version: 1)
0 comment(s)
Secunia Advisory: SA25011


Secunia has posted an advisory today that involves Apple Quicktime Java. According to the advisory this is a highly critical problem that affects versions 3.x, 4.x, 5.x, 6.x and 7.x. The vulnerability is due to an unspecified error within the Java handling in QuickTime. This can be exploited allowing execution of arbitrary code when a user visits a malicious web site using a Java-enabled browser e.g. Safari or Firefox.

For more information see:

secunia.com/advisories/25011/
Keywords:
0 comment(s)
Diary Archives