QuickTime flaw could go beyond MySpace


Security firm FSecure said that the vulnerability has been confirmed to exist in Mac versions of QuickTime, as well as the QuickTime Alternative codec package.

"Any malicious JavaScript code exploiting [the vulnerability] would affect the users of both operating systems," said FSecure researcher S G Masood.

Apple, which makes and distributes QuickTime, distributed the fix to MySpace which then offered the patch to users who accessed the site with Internet Explorer and a detectible version of QuickTime. QuickTime flaw could go beyond MySpace - Security - www.itnews.com.au

Linked by shanmuga Tuesday, 12th December 2006 11:58PM