This must be an unintentional repost, surely? >From the description of CAN-2004-0431:
Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code >From the description of CERT vuln (linked from the above CVE entry): III. Solution Upgrade Upgrade to QuickTime version 6.5.1. (...) Other Information Date Public 02/18/2004 Date First Published 05/03/2004 03:30:59 PM Date Last Updated 05/04/2004 On 1/11/06, Advisories <[EMAIL PROTECTED]> wrote: > EEYEB-20051117B Apple iTunes (QuickTime.qts) Heap Overflow > > Release Date: > January 10, 2006 > > Date Reported: > November 17, 2005 > > Patch Development Time (In Days): > 54 Days (snip) > Vendor Status: > Apple has released a patch for this vulnerability. The patch is > available via the Updates section of the affected applications. > This vulnerability has been assigned the CVE identifier CAN-2004-0431. > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
