Quicktime exploit danger for Firefox users

According to an advisory from the US-CERT, the vulnerability stems from a weakness in the way QuickTime handles a type of media-streaming communications called the “real time streaming protocol” (RTSP). Attackers could exploit the flaw merely by convincing users to click on a poisoned link, open a malicious e-mail attachment, or visit a specially crafted Web page. US-CERT says the vulnerability is present in QuickTime versions 4.0 through 7.3 (the latest version) on both Windows and Mac systems.

Interestingly, researchers at Symantec say they tested the publicly available exploit code for this flaw and found that it failed to work properly against Internet Explorer 6/7 as well as Safari 3 Beta; in those tests, the exploit simply crashes QuickTime. But Symantec said the exploit worked perfectly against Firefox if users have chosen QuickTime as the default player for multimedia formats. (link)


0 Responses to “Quicktime exploit danger for Firefox users”

  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 29 other followers

Technorati – Blog Search

Add to Technorati Favorites

submit express


%d bloggers like this: