Apple has released QuickTime 7.6 to correct multiple vulnerabilities affecting QuickTime for Mac OS X and Windows. Attackers may be able to exploit these vulnerabilities to execute arbitrary code or cause a denial of service.
Apple QuickTime 7.6 addresses a number of vulnerabilities affecting QuickTime. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted media or movie file. This file could be hosted on a web page or sent via email.
The impacts of these vulnerabilities vary. Potential consequences include arbitrary code execution and denial of service.
Upgrade to QuickTime 7.6. This and other updates are available via Software Update or via Apple Downloads.
Feedback can be directed to US-CERT.
Produced 2009 by US-CERT, a government organization. Terms of use
January 22, 2009: Initial release