David Geer Talks Tech
Saturday, January 06, 2007
  This Apple has a hole
Courtesy of http://www.geercom.com (use this link to go home if you surfed here from my professional writing site).
Geer Communications. David Geer - your on-time technology writer!

Welcome!

Apple's QuickTime has an unpatched vulnerability (now five days old). The "Apple QuickTime RTSP URL Buffer Overflow" was first made public New Year's Day (some belated Holiday gift for Apple!).

The vulnerability--discovered with a proof-of-concept attack--exists in QuickTime versions 7.1.3 and earlier, per EEye's ZeroDays page.

A "stack-based" buffer overflow (see http://searchsecurity.techtarget.com/sDefinition/0,290660,sid14_gci549024,00.html for a definition of a buffer overflow) is to blame. In this case, an attacker could use a website-based long rtsp:// URL in a QTL file to cause the buffer to overflow.

This is considered a severe threat that could allow an attacker to execute code of choice remotely to act as a logged on user or administrator, if the machine has admin privileges.

There is as yet no 100-percent solution.

Best Regards,
David Geer - your on time technology writer!
Geer Communications
  9:38 AM 0 commentslinks to this post  
AddThis Social Bookmark Button
Talking cool technology and science news and technology tips with David Geer.

See your ad here? Well, you should! Contact david @ geercom dot com for complete details.

Subscribe to
Posts [Atom]

AddThis Feed Button

About Me

My Photo
Name: David Geer
Location: Ohio, United States

My work has been published by IEEE Computer, ITWorld.com, Data Center Management and many others.

View my complete profile

Freelance blogger for hire--contract.

Contact David Geer at david@geercom.com.

eBook: How to make MORE money as a freelance writer!

ARCHIVES
Jun 24, 2005 / Jun 25, 2005 / Jun 26, 2005 / Jun 29, 2005 / Jun 30, 2005 / Jul 1, 2005 / Jul 5, 2005 / Jul 7, 2005 / Jul 8, 2005 / Jul 11, 2005 / Jul 13, 2005 / Jul 15, 2005 / Jul 16, 2005 / Jul 17, 2005 / Jul 19, 2005 / Jul 21, 2005 / Jul 22, 2005 / Jul 23, 2005 / Jul 25, 2005 / Jul 27, 2005 / Jul 29, 2005 / Jul 31, 2005 / Aug 1, 2005 / Aug 3, 2005 / Aug 6, 2005 / Aug 8, 2005 / Aug 9, 2005 / Aug 10, 2005 / Aug 12, 2005 / Aug 15, 2005 / Aug 16, 2005 / Aug 18, 2005 / Aug 21, 2005 / Aug 25, 2005 / Aug 26, 2005 / Aug 29, 2005 / Sep 1, 2005 / Sep 2, 2005 / Sep 7, 2005 / Sep 12, 2005 / Sep 13, 2005 / Sep 14, 2005 / Sep 15, 2005 / Sep 22, 2005 / Sep 23, 2005 / Oct 1, 2005 / Oct 7, 2005 / Oct 22, 2005 / Dec 12, 2005 / Dec 28, 2005 / Feb 11, 2006 / Jul 2, 2006 / Jul 8, 2006 / Jul 9, 2006 / Aug 18, 2006 / Sep 29, 2006 / Sep 30, 2006 / Oct 3, 2006 / Oct 18, 2006 / Oct 24, 2006 / Oct 27, 2006 / Nov 26, 2006 / Nov 28, 2006 / Dec 2, 2006 / Dec 5, 2006 / Dec 7, 2006 / Dec 8, 2006 / Dec 11, 2006 / Dec 13, 2006 / Dec 14, 2006 / Dec 15, 2006 / Dec 17, 2006 / Dec 18, 2006 / Dec 22, 2006 / Dec 24, 2006 / Dec 27, 2006 / Dec 28, 2006 / Dec 30, 2006 / Jan 5, 2007 / Jan 6, 2007 / Jan 7, 2007 / Jan 10, 2007 / Jan 12, 2007 / Jan 13, 2007 / Jan 15, 2007 / Jan 17, 2007 / Jan 19, 2007 / Jan 21, 2007 / Jan 22, 2007 / Jan 23, 2007 / Jan 24, 2007 / Jan 25, 2007 / Jan 26, 2007 / Jan 27, 2007 / Jan 31, 2007 / Feb 1, 2007 / Feb 2, 2007 / Feb 3, 2007 / Feb 9, 2007 / Feb 10, 2007 / Feb 13, 2007 / Feb 14, 2007 / Feb 16, 2007 / Feb 19, 2007 / Feb 24, 2007 / Feb 26, 2007 / Feb 27, 2007 / Feb 28, 2007 / Mar 1, 2007 / Mar 2, 2007 / Mar 4, 2007 / Mar 5, 2007 / Mar 6, 2007 / Mar 7, 2007 / Mar 8, 2007 / Mar 9, 2007 / Mar 10, 2007 / Mar 11, 2007 / Mar 12, 2007 / Mar 13, 2007 / Mar 14, 2007 / Mar 15, 2007 / Mar 16, 2007 / Mar 17, 2007 / Mar 18, 2007 / Mar 19, 2007 / Mar 20, 2007 / Mar 21, 2007 / Mar 22, 2007 / Mar 23, 2007 / Mar 24, 2007 / Mar 25, 2007 / Mar 26, 2007 / Mar 27, 2007 / Mar 28, 2007 / Mar 29, 2007 / Apr 2, 2007 / Apr 4, 2007 / Apr 5, 2007 / Apr 6, 2007 / Apr 7, 2007 / Apr 12, 2007 / Apr 13, 2007 / Apr 14, 2007 / Apr 15, 2007 / Apr 23, 2007 / Apr 25, 2007 / May 4, 2007 / May 11, 2007 / May 12, 2007 / May 13, 2007 / May 17, 2007 / May 22, 2007 / May 24, 2007 / May 25, 2007 / May 26, 2007 / May 27, 2007 / May 30, 2007 / Jun 4, 2007 / Jun 6, 2007 / Jun 10, 2007 / Jun 11, 2007 / Jun 15, 2007 / Jun 16, 2007 / Jun 23, 2007 / Jun 24, 2007 / Jun 26, 2007 / Jun 27, 2007 / Jun 28, 2007 / Jun 29, 2007 / Jul 3, 2007 / Jul 4, 2007 / Jul 5, 2007 / Jul 7, 2007 / Jul 11, 2007 / Jul 13, 2007 / Jul 16, 2007 / Jul 21, 2007 / Jul 22, 2007 / Jul 23, 2007 / Jul 27, 2007 / Jul 28, 2007 / Aug 3, 2007 / Aug 4, 2007 / Aug 5, 2007 / Aug 6, 2007 / Aug 11, 2007 / Aug 13, 2007 / Aug 15, 2007 / Aug 16, 2007 / Aug 17, 2007 / Aug 18, 2007 / Aug 19, 2007 / Aug 21, 2007 / Aug 23, 2007 / Aug 25, 2007 / Aug 26, 2007 / Aug 27, 2007 / Aug 28, 2007 / Aug 29, 2007 / Aug 30, 2007 /


Powered by Blogger


Ink