site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2010-08-12-1 QuickTime 7.6.7 QuickTime 7.6.7 is now available and addresses the following: QuickTime CVE-ID: CVE-2010-1799 Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow exists in QuickTime's error logging. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by disabling debug logging. This issue does not affect Mac OS X systems. QuickTime 7.6.7 may be obtained from the Software Update application, or from the QuickTime Downloads site: http://www.apple.com/quicktime/download/ For Windows 7 / Vista / XP SP2 or later The download file is named: "QuickTimeInstaller.exe" Its SHA-1 digest is: 38a132fe1969e617f33c00ebae3ce34a7695113f QuickTime 7.6.7 is not presented to Mac OS X systems. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJMZFzJAAoJEGnF2JsdZQeeF60H/2/72LHKWPc4x6i8Zf5HDarY JuD7E+DGRnzPgm62zWOpdN4e6I7ldVjQdap3yW84GmVYClzhkHBZeUqwB/PHYRyQ FXXTr15GBfOZgYFRc3YSXQhax0BPtPuJeh4oWLcpnyGAs6FvfF1buzG8JGRCZ0wZ j5ZiVutpKApu/K/OCVdB+IbRJXOYk9uUOt+fT7kQLQK1Tv5g2UBaIuRkuBciBPXT lwHOvsfpVfh7lVqcaJpjObyb5HQoJpT0HvLSroIB1vVfRcD62x7LnYAlMJUju4P3 1QuwzhIeXahq1MpoAXQ6k6j15KZ0edpMcNxtOOCPvHZnAD8FgZHVjWtAVY5qG+k= =A2mc -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/security-announce/site_archiver%40lis... This email sent to site_archiver@lists.apple.com