CPNI - Centre for the Protection of National Infrastructure

CSIRTUK advisories

3417 - APPLE-SA-2007-10-03 Security Update for QuickTime 7.2

ID: 3417
Date: 08 October 2007 21:00

Title: 3417 - APPLE-SA-2007-10-03 Security Update for QuickTime 7.2
Abstract: Description of a vulnerability that could allow arbitrary code execution.
Vendors affected: Apple
Operating Systems affected: Vista, Windows XP SP2
Applications affected: QuickTime 7.2
Advisory type: Information
Attack Vector: Vulnerability exploitation
Warning Status: Information only
Potential Damage: Remote unauthorised modification
Availability of fix: Available
Type of fix: Patch
Source: Apple
Reliability of source: Trusted
Source URL: http://www.apple.com/support/downloads/

APPLE-SA-2007-10-03 Security Update for QuickTime 7.2

Security Update for QuickTime 7.2 is now available and addresses the following issue:

QuickTime
CVE-ID:  CVE-2007-4673
Available for:  QuickTime 7.2 on Windows Vista, XP SP2
Impact:  Viewing maliciously crafted QTL content may lead to arbitrary code execution
Description:  A command injection issue exists in QuickTime's handling of URLs in the qtnext field in files with QTL content. By enticing a user to open a specially crafted file, an attacker may cause an application to be launched with controlled command line arguments, which may lead to arbitrary code execution. This update addresses the issue through improved handling of URLs. This issue does not affect Mac OS X systems.

Security Update for QuickTime 7.2 may be obtained from the Software Update application, or from the Apple Downloads site:
http://www.apple.com/support/downloads/

The download file is named:  "SecUpdQuickTime720.msi"
Its SHA-1 digest is:  b264cbbb8e65f6e011a4161eb2d32e856b569cd7

If Apple Software Update is not already running, you can open it from the Start menu under "All Programs". By default it is installed at C:\Program Files\Apple Software Update\SoftwareUpdate.exe

To verify that your version of QuickTime has been updated:

For Windows XP:

*  In Windows Explorer, navigate to
C:\Program Files\QuickTime\QTSystem\QuickTime.qts

*  Right click on QuickTime.qts, select Properties, then click the Versions tab.

If the QuickTime version is 7.2.0.245 or later, then the security update has been applied.

For Windows Vista:

*  In Windows Explorer, navigate to
C:\Program Files\QuickTime\QTSystem\QuickTime.qts

*  Right click on QuickTime.qts, select Properties, then click the General tab.

If the "Date Created" indicates September 21, 2007 or later, then the security update has been applied.
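
The installer digest check and the two version checks above can be scripted for use across several machines. The PowerShell below is an added example, not part of Apple's or CPNI's advisory; the digest, version and date are the values quoted above, while the download folder and the default install path are assumptions.

```powershell
# Added example. Digest, version and date are the values quoted in the advisory.
$ExpectedSha1 = 'b264cbbb8e65f6e011a4161eb2d32e856b569cd7'
$MinVersion   = [version]'7.2.0.245'
$MinCreated   = [datetime]'2007-09-21'

# Assumptions: where the installer was saved, and the default install path.
# On 64-bit Windows a 32-bit install sits under ${env:ProgramFiles(x86)} instead.
$MsiPath = Join-Path $env:USERPROFILE 'Downloads\SecUpdQuickTime720.msi'
$QtsPath = Join-Path $env:ProgramFiles 'QuickTime\QTSystem\QuickTime.qts'

# SHA-1 via .NET so the check also runs on PowerShell 2.0 (no Get-FileHash there).
function Get-Sha1Hex([string]$Path) {
    $full   = (Resolve-Path -LiteralPath $Path).ProviderPath
    $sha1   = [System.Security.Cryptography.SHA1]::Create()
    $stream = [System.IO.File]::OpenRead($full)
    try     { $bytes = $sha1.ComputeHash($stream) }
    finally { $stream.Close() }
    ([System.BitConverter]::ToString($bytes) -replace '-', '').ToLower()
}

function Test-QuickTimeUpdate([string]$Path) {
    if (-not (Test-Path -LiteralPath $Path)) { return $null }  # not installed at this path
    $item  = Get-Item -LiteralPath $Path
    $vi    = $item.VersionInfo
    # Build the version from its numeric parts; the FileVersion string is not always dotted.
    $parts = @($vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)
    $ver   = New-Object System.Version -ArgumentList $parts
    New-Object PSObject -Property @{
        Version        = $ver
        Created        = $item.CreationTime
        VersionCheckOk = ($ver -ge $MinVersion)                # the Windows XP test
        CreatedCheckOk = ($item.CreationTime -ge $MinCreated)  # the Windows Vista test
    }
}

# 1. Verify the download before installing it.
if (Test-Path -LiteralPath $MsiPath) {
    $actual = Get-Sha1Hex $MsiPath
    if ($actual -eq $ExpectedSha1) { 'Installer digest matches the advisory.' }
    else { "Digest mismatch: got $actual; do not install this file." }
} else { "Installer not found at $MsiPath" }

# 2. Confirm the update has been applied.
$state = Test-QuickTimeUpdate $QtsPath
if ($null -eq $state) { "QuickTime.qts not found at $QtsPath" } else { $state | Format-List }
```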

Information will also be posted to the Apple Product Security web site:  http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key, and details are available at:
http://www.apple.com/support/security/pgp/


This advisory contains information released by the original author. Some of the information may have changed since it was released. If the issue affects you, it may be prudent to retrieve the advisory from the site of the original source to ensure that you receive the most current information concerning that problem. Reference to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CPNI.

The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes. CPNI shall not accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this advisory.

CSIRTUK is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing amongst its members and the community at large.
