开业于2004年,诚信服务几万客户
翔意数码淘宝店:xynbnb.taobao.com
全国客服电话:010-59000667
地址:北京东城区东兴隆街56号北京商界A座512
ThinkPad产品专业客服 苹果产品专业客服
查看: 1976|回复: 7

[APPZ UPDATE]QuickTime 7.3.1升級發布

[复制链接]
发表于 2007-12-14 10:54 | 显示全部楼层 |阅读模式
Apple has released QuickTime 7.3.1, which addresses a number of security issues. The release is available for Windows, Leopard (10.5), Tiger (10.4), and Panther (10.3) and available in your software update. This update is recommended for all QuickTime 7 users and addresses a widely publicized security flaw in QuickTime revealed by Symantec. Details of this and other security fixes are listed in this support document.
解決了一些安全的問題,默認的系統更新及可以更新這個patch 詳細的修正list如下
QuickTime 7.3.1 QuickTime CVE-ID: CVE-2007-6166 Available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista, XP SP2 Impact: Viewing a maliciously crafted RTSP movie may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow exists in QuickTime's handling of Real Time Streaming Protocol (RTSP) headers. By enticing a user to view a maliciously crafted RTSP movie, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue by ensuring that the destination buffer is sized to contain the data. QuickTime CVE-ID: CVE-2007-4706 Available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista, XP SP2 Impact: Viewing a maliciously crafted QTL file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow exists in QuickTime's handling of QTL files. By enticing a user to view a maliciously crafted QTL file, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. QuickTime CVE-ID: CVE-2007-4707 Available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista, XP SP2 Impact: Multiple vulnerabilities in QuickTime's Flash media handler Description: Multiple vulnerabilities exist in QuickTime's Flash media handler, the most serious of which may lead to arbitrary code execution. With this update, the Flash media handler in QuickTime is disabled except for a limited number of existing QuickTime movies that are known to be safe. Credit to Tom Ferris of Adobe Secure Software Engineering Team (ASSET), Mike Price of McAfee Avert Labs, and security researchers Lionel d'Hauenens & Brian Mariani of Syseclabs for reporting this issue.
★★★

 

 

 

发表于 2007-12-14 16:07 | 显示全部楼层
全英文 看的有点吃力
 楼主| 发表于 2007-12-14 18:19 | 显示全部楼层
原帖由 51ed 于 2007-12-14 15:07 发表 QuickTime很好吗?装威力导演也要装
mac上面沒有你講的那個導演的軟件的.而且這種集成的decode,很雜
 楼主| 发表于 2007-12-14 18:20 | 显示全部楼层
原帖由 arthur_fish 于 2007-12-14 16:07 发表 全英文 看的有点吃力
僅僅是休整bug的,沒有什麼看的明白看不明白的問題,就想windows的update,我們也很少的去看詳細的list的呀
发表于 2007-12-14 20:03 | 显示全部楼层
quicktime的插件,经常被要求装的。
发表于 2007-12-20 11:20 | 显示全部楼层
全英文
发表于 2007-12-24 12:37 | 显示全部楼层
从哪找这么多消息啊还全是英文
您需要登录后才可以回帖 登录 | 加入

本版积分规则

返回顶部