Skip to content

customize
National Cyber Alert System
Technical Cyber Security Alert TA09-022A archive

Apple QuickTime Updates for Multiple Vulnerabilities

Original release date: January 22, 2009
Last revised: --
Source: US-CERT

Systems Affected

  • Apple QuickTime 7.5 for Windows and Mac OS X

Overview

Apple has released QuickTime 7.6 to correct multiple vulnerabilities affecting QuickTime for Mac OS X and Windows. Attackers may be able to exploit these vulnerabilities to execute arbitrary code or cause a denial of service.


I. Description

Apple QuickTime 7.6 addresses a number of vulnerabilities affecting QuickTime. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted media or movie file. This file could be hosted on a web page or sent via email.


II. Impact

The impacts of these vulnerabilities vary. Potential consequences include arbitrary code execution and denial of service.


III. Solution

Upgrade to QuickTime 7.6. This and other updates are available via Software Update or via Apple Downloads.


IV. References



Feedback can be directed to US-CERT.


Produced 2009 by US-CERT, a government organization. Terms of use


Revision History

January 22, 2009: Initial release

Last updated January 22, 2009
print this document