Firefox Susceptible To QuickTime Security Flaw

Firefox Susceptible To QuickTime Security Flaw 231

Posted by kdawson on Tuesday November 27, 2007 @03:56PM from the exploit-available-in-the-wild dept.

Hugh Pickens writes "Apple's QuickTime media player software contains a previously undocumented security weakness in the way QuickTime handles the RTSP media-streaming protocol. The vulnerability is present in QuickTime versions 4.0 through 7.3 (the latest version) on both Windows and Mac systems. Symantec has tested the publicly available exploit code and found that it failed to work properly against Internet Explorer 6/7 or Safari 3 Beta but the exploit works against Firefox if users have chosen QuickTime as the default player for multimedia formats. Firefox users are more susceptible to this attack because Firefox farms off the request directly to the QuickTime Player as a separate process outside of its control, while IE loads the QuickTime Player as an internal plugin and when the overflow occurs, standard buffer-overflow protection is triggered, shutting down the affected processes before any damage can occur."

Firefox Susceptible To QuickTime Security Flaw

This discussion has been archived. No new comments can be posted.

Search 231 Comments Log In/Create an Account

Comments Filter:

That does it for me... (Score:5, Funny)

by skeftomai ( 1057866 ) writes: on Tuesday November 27, 2007 @04:00PM (#21496165)

Man, I'm using IE from now on. It's WAY more secure...

Troll -1 (Score:4, Funny)

by dgr73 ( 1055610 ) writes: on Tuesday November 27, 2007 @04:05PM (#21496245)

"Quicktime bug!?! Oh sweet Joseph of Arimathea!!!! Quick, inform the users.. YES BOTH OF THEM!"

Re:And this is a firefox problem... (Score:5, Funny)

by sm62704 ( 957197 ) writes: on Tuesday November 27, 2007 @04:23PM (#21496503) Journal

Glass half empty, half full type thing.

The optimist says the glass is half full. The pessimist says the glass is half empty. The scientist says there is .3764666437 litres. The realist says "there's not enough". The doctor says "he's dead, Jim".

Re:And this is a firefox problem... (Score:5, Funny)

by znode ( 647753 ) * writes: <znode@noSPAM.gmx.de> on Tuesday November 27, 2007 @04:35PM (#21496681) Homepage

The engineer says that the glass is twice as large as it needs to be.

Jack Bauer found out where the glass was, who drank the water, and which government they worked for.

Re:And this is a firefox problem... (Score:5, Funny)

by thomas.galvin ( 551471 ) writes: <.moc.nivlag-samoht. .ta. .todhsals.> on Tuesday November 27, 2007 @05:07PM (#21497189) Homepage

(and for the first time ever, IE just kind of sat off to the side and shrugged it's shoulders in disinterest that it isn't affected).
As opposed to all of the times IE just kind of sat off to the side and shrugged it's shoulders in disinterest even though it was affected.

Re:And this is a firefox problem... (Score:1, Funny)

by Obsi ( 912791 ) writes: on Thursday November 29, 2007 @07:23PM (#21525741)

640 mL should be enough for anyone.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Firefox Susceptible To QuickTime Security Flaw 231

Firefox Susceptible To QuickTime Security Flaw More Login

Firefox Susceptible To QuickTime Security Flaw

That does it for me... (Score:5, Funny)

Troll -1 (Score:4, Funny)

Re:And this is a firefox problem... (Score:5, Funny)

Re:And this is a firefox problem... (Score:5, Funny)

Re:And this is a firefox problem... (Score:5, Funny)

Re:And this is a firefox problem... (Score:1, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot