You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa QuickTime

Sigurnosni nedostaci programskog paketa QuickTime

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

APPLE-SA-2016-01-07-1 QuickTime 7.7.9

[Re-sending with a valid signature]

QuickTime 7.7.9 is now available and addresses the following:

QuickTime
Available for: Windows 7 and Windows Vista
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in QuickTime.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-7085 : an anonymous researcher
CVE-2015-7086 : an anonymous researcher
CVE-2015-7087 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7088 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7089 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7090 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7091 : Pedro Ribeiro (pedrib@gmail.com) of Agile Information
Security
CVE-2015-7092 : Jaanus Kp Clarified Security working with HP’s Zero
Day Initiative
CVE-2015-7117 : Ryan Pentney and Richard Johnson of Cisco Talos

—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – https://gpgtools.org

iQIcBAEBCgAGBQJWjxMiAAoJEBcWfLTuOo7t16wP/RNhjITSBZmBDZP61IOjKARD
5v69y+LkXLDNPlUkpB15Qjq3HDvZnFDwl3RSlZgAlQDO/GSqqWBnhsAEdO+5AAR1
LZqlVdERGHeeyfpuQ85waxf18O1dbg+R6SwM74SYRBXPujGQk9yT326I0X/EdXON
8upmGfzv8HvPsg712ei5YK8bumxsCh/LqM6TpA6oMF/bltaIbZ/OO3LNovZn9GQc
9taWVwP707FIjnJ7yKHzHnp6fH+79tqi5Dl0uZ7D446c7+B5ehPE7aUd29XqFrpE
tgJzSDu2ZuVIz9RpC8Np+Bn8CSKqD6Kao7M5x4CVLWmpIYUpGKTIItUhvtXJ1jFY
CyXXgse54w2ZG6hWE2gTmIvyn4/qVaSi8vlguEuk6IvA6kZeLdrc097OMPMPHlN/
I8T2A04Oj6rUsllf2uZih42nwve6CYpC9mh9/HLz0O+m0ue/L9HwIoto87OCmfi3
2RwyAoBLjMZUoOMLr9DjlQglQnTnNY8LjjZKRr9ug5V/tN8F051NeILDDj2vSf0q
PI5JHoBD2LnJcxU+XI1JM/9amCYwBHjd94fcSp7H9BkdIzYshW4Deooc58EnjxVv
5hlwMIqqk2m911TsOjNpkVuysABoIB8hX3el3py4V+3sLoM5cVYa+FNS7+FGzG47
UJ/4c68fdMRAbGx4KfoW
=ERtQ
—–END PGP SIGNATURE—–

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

APPLE-SA-2016-01-07-1 QuickTime 7.7.9

QuickTime 7.7.9 is now available and addresses the following:

QuickTime
Available for: Windows 7 and Windows Vista
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in QuickTime.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-7085 : an anonymous researcher
CVE-2015-7086 : an anonymous researcher
CVE-2015-7087 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7088 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7089 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7090 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7091 : Pedro Ribeiro (pedrib@gmail.com <mailto:pedrib@gmail.com>) of Agile Information
Security
CVE-2015-7092 : Jaanus Kp Clarified Security working with HP’s Zero
Day Initiative
CVE-2015-7117 : Ryan Pentney and Richard Johnson of Cisco Talos

—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – https://gpgtools.org <https://gpgtools.org/>

iQIcBAEBCgAGBQJWjuROAAoJEBcWfLTuOo7tBzIQAIl0NnIVeKBmNEkpptnqkSbF
7TjTFTq38Jk+iQIabC3H3e5Gei7/0j87www+H6YDVCG93XvTVwOi+OkB3/Rgd7ah
EiN6hFX4ZyTc/lLZ4ZQ1dRnHmOJlPSwwa0us4GQMLzl0ZScGYZo9L84agorws8MZ
WsNyGcNvhR3vUxMkEx8ANvFKTAm9UO082/ugWICeYQL0ceHYRFPzXZARVn02ASmQ
Q9wdPhIA0qaB8LQKwN8UnzBeBA4ytnoKjIGsbsNoYmaOzcgEs2k1rbMymsXJNG7r
pNCBKpFro25SahdF2FZDVt0TJs+EKbWX+VPSmdWQMdbsWsbS0mNhkWFIAOUpps0y
Q0ohk3ctoD8L5ejyqrlcfK4fPIwCU1sBDEOYZtPvz8EK9RNRU4+iehQqYSDiUp02
UA83r4LkGt1zEdomAIMV/QtzhFkKl++tfHt6JuqOWx/9C0vpv7B6fbGNt+ABujXa
+JUDa/QS1TUVqkVCR86BSz2xWZPQdVjZGyXSTJHslz1sDsHs+mCju1trI83Je6W1
cD5y3kkBBfGjElQ6stl5lHJGGp8PXxu+e6A4c1nRv6DeUyl8FZi0As+459WAkowg
vkSMyaUXUEbt15e5xoTxhzce9dPDczPy2+2uvNCOKMvJt89QIDnoaXteUHSXHcrD
naf/Oh37SbzvWAzkYYnB
=4BZX
—–END PGP SIGNATURE—–
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa shellinabox

Otkriveni su sigurnosni nedostaci u programskom paketu shellinabox za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje DNS rebinding...

Close