SonicWALL blocks QuickTime zero-day exploit CF Apple Computer

CF Apple Computer News, Apple Laptop Computers, iPods, iPhones

Home

SonicWALL blocks QuickTime zero-day exploit

Posted on 2007 under QuickTime |

29 Nov

Networking security hardware manufacturer SonicWALL recently announced that it has distributed defensive measures to users of it’s Unified Threat Management technology, against zero-day vulnerability exploits found in QuickTime. Malicious websites are able to create a stack-based buffer overflow in Apple’s media player, by providing a phony movie file that, when activated, executes a series of code that allows a users machine to be taken over.

SonicWALL says that the problem lies within the “Content-Type” header field that is sent from the server, which is not properly verified by the client’s QuickTime. Once the “Content-Type” field reaches a certain length, a Buffer Overflow condition occurs, and through this, malevolent users can rewrite a user’s privileges so that they have read-write access to the machine.

New QuickTime bugs crawl into the open (Feb 14, 2008)
DRM in latest QuickTime cripples Adobe video editing code (Jan 25, 2008)
Researcher spots year’s first QuickTime bug (Jan 17, 2008)
QuickTime bug opens XP, Vista to attack (Dec 29, 2007)
IPhone Could Give Apple Inroad to Enterprise Sales (Dec 27, 2007)

You must be logged in to post a comment.

About Us

Community of those who are fond of Apple's ideas, design and all that incredible things they do. If you like PC's - that's your choice. We proudly consider Apple, with it's iPhone, iPod & sure - Apple Mac Air - is the best!

CF Apple Computer

SonicWALL blocks QuickTime zero-day exploit

Related Posts

Leave a comment

See Also

Categories

Archives

Recent Comments

Recent Post

About Us

Meta