Sunnz
Who wants a stylus?
On a FreeBSD mailing list, someone quoted Apple:
So, what about OSX? Do we have this vulnerability in the pre-installed quicktime as well? Did Apple really announced this? Does anyone know if there is an official Apple Security Advisory list?
Of course, they are most concerned with win32codecs on their OS...The Apple Security Team reports that there are multiple
vulnerabilities within QuickTime (one of the plugins for
win32-codecs). A remote attacker capable of creating a malicious SGI
image, FlashPix, FLC movie, or a QuickTime movie can possibly lead to
execution of arbitrary code or cause a Denial of Service (application
crash).
Users who have QuickTime (/win32-codecs) as a browser plugin may be
vulnerable to remote code execution by visiting a website containing a
malicious SGI image, FlashPix, FLC movie or a QuickTime movie.
So, what about OSX? Do we have this vulnerability in the pre-installed quicktime as well? Did Apple really announced this? Does anyone know if there is an official Apple Security Advisory list?