CSIRTUK ADVISORY - 3417 - Apple - Security Update for QuickTime 7.2


CSIRTUK ADVISORY - 3417 dated 08.10.07 time 21:00

Centre for the Protection of National Infrastructure (CPNI)


Further details about CPNI, including information about our products can be
found at www.cpni.gov.uk

 Please note that CSIRTUK RSS Feeds are available from:

APPLE-SA-2007-10-03 Security Update for QuickTime 7.2


ID: 3417
Date: 08 October 2007 21:00

Title: 3417 - APPLE-SA-2007-10-03 Security Update for QuickTime 7.2
Abstract: Description of a vulnerability that could allow arbitrary code
Vendors affected: Apple
Operating Systems affected: Vista, Windows XP SP2
Applications affected: QuickTime 7.2
Advisory type: Information
Attack Vector: Vulnerability exploitation
Warning Status: Information only
Potential Damage: Remote unauthorised modification
Availability of fix: Available
Type of fix: Patch
Source: Apple
Reliability of source: Trusted
Source URL: http://www.apple.com/support/downloads/

APPLE-SA-2007-10-03 Security Update for QuickTime 7.2

Security Update for QuickTime 7.2 is now available and addresses the
following issue:

CVE-ID:  CVE-2007-4673
Available for:  QuickTime 7.2 on Windows Vista, XP SP2
Impact:  Viewing maliciously crafted QTL content may lead to arbitrary
code execution
Description:  A command injection issue exists in QuickTime's handling
of URLs in the qtnext field in files with QTL content. By enticing a
user to open a specially crafted file, an attacker may cause an
application to be launched with controlled command line arguments, which
may lead to arbitrary code execution. This update addresses the issue
through improved handling of URLs. This issue does not affect Mac OS X.

Security Update for QuickTime 7.2 may be obtained from the Software
Update application, or from the Apple Downloads site:

The download file is named:  "SecUpdQuickTime720.msi"
Its SHA-1 digest is:  b264cbbb8e65f6e011a4161eb2d32e856b569cd7

If Apple Software Update is not already running, you can open it from
the Start menu under "All Programs". By default it is installed at
C:\Program Files\Apple Software Update\SoftwareUpdate.exe

To verify that your version of QuickTime has been updated:

For Windows XP:

*  In Windows Explorer, navigate to

*  Right click on QuickTime.qts, select Properties, then click the
Versions tab.

If the QuickTime version is or later, then the security update
has been applied.

For Windows Vista:

*  In Windows Explorer, navigate to

*  Right click on QuickTime.qts, select Properties, then click the
General tab.

If the "Date Created" indicates September 21, 2007 or later, then the
security update has been applied.

Information will also be posted to the Apple Product Security web site:

This message is signed with Apple's Product Security PGP key, and
details are available at:

CSIRTUK wishes to acknowledge the contributions of Apple for the
contained in this advisory.

This advisory contains information released by the original author. Some of
the information may have changed since it was released. If the issue affects
it may be prudent to retrieve the advisory from the site of the original
source to ensure that you receive the most current information concerning that

Reference to any specific commercial product, process, or service by
name, trademark, manufacturer, or otherwise, does not constitute or imply
endorsement, recommendation, or favouring by CPNI. The views and opinions of
authors expressed within this notice shall not be used for advertising
product endorsement purposes.

CPNI shall not accept responsibility for any errors or omissions
within this advisory. In particular, they shall not be liable for any loss or
damage whatsoever, arising from or in connection with the usage of
contained within this advisory.

CSIRTUK is a member of the Forum of Incident Response and Security Teams
and has contacts with other international Incident Response Teams (IRTs)
order to foster cooperation and coordination in incident prevention, to
rapid reaction to incidents, and to promote information sharing amongst
members and the community at large.

<End of CPNI Advisory>
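
Added example (not part of the Apple or CPNI advisory text): a Python triage
script for the qtnext issue described under CVE-2007-4673 above. It parses QTL
content as XML and flags any qtnext value that is not a plain allowlisted URL.
The allowlist, the permitted character set, the function names and the sample
documents are assumptions made for illustration, not Apple's fix.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Assumed local triage policy (not Apple's patch logic): absolute URLs only.
ALLOWED_SCHEMES = {"http", "https", "rtsp"}
SAFE_CHARS = re.compile(r"[A-Za-z0-9\-._~:/?#@=&%+]+")

def check_qtnext(value):
    """Return reasons a qtnext value fails the allowlist; empty list = passes."""
    reasons = []
    if not SAFE_CHARS.fullmatch(value):
        reasons.append("characters outside the conservative URL set")
    try:
        parts = urlsplit(value)
    except ValueError:
        return reasons + ["not parseable as a URL"]
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        reasons.append("scheme %r not allowlisted" % parts.scheme)
    elif not parts.netloc:
        reasons.append("no host in URL")
    return reasons

def scan_qtl(text):
    """Scan one QTL document (XML text); return [(qtnext value, reasons)]."""
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        return [("<unparseable>", ["not well-formed XML: %s" % exc])]
    findings = []
    for elem in root.iter():
        for name, value in elem.attrib.items():
            if name.lower() == "qtnext":
                reasons = check_qtnext(value)
                if reasons:
                    findings.append((value, reasons))
    return findings

# Constructed samples, not taken from the advisory or from any real file.
QTL_OK = """<?xml version="1.0"?>
<?quicktime type="application/x-quicktime-media-link"?>
<embed src="http://media.example/a.mov" qtnext="http://media.example/b.mov"/>"""
QTL_REVIEW = """<?xml version="1.0"?>
<?quicktime type="application/x-quicktime-media-link"?>
<embed src="http://media.example/a.mov" qtnext="file:///C:/placeholder with spaces"/>"""

if __name__ == "__main__":
    for label, doc in (("ok", QTL_OK), ("review", QTL_REVIEW)):
        print(label, scan_qtl(doc))
```

A flagged file is a candidate for manual review, not proof of an attack; relative
URLs are also flagged because the assumed policy accepts absolute URLs only.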