The Notebook Review forums were hosted by TechTarget, who shut down them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.
Problems? See this thread at archive.org.

    Month of Apple Bugs

    Discussion in 'Apple and Mac OS X' started by cashmonee, Jan 2, 2007.

  1. cashmonee

    cashmonee Notebook Virtuoso NBR Reviewer

    Reputations:
    787
    Messages:
    2,859
    Likes Received:
    0
    Trophy Points:
    55
    Well the Month of Apple Bugs seems to have started with a Quicktime bug that affects Windows and OS X. Apparently this exploit can be remotely executed and causes a stack overflow allowing arbitrary code to be executed. It can be neutered by turning off RTSP URL's:
    http://isc.sans.org/diary.php?storyid=1993

    Theoretically, you could go to a malicious website that will automatically launch Quicktime to play a stream that will exploit the hole. However, the code does not seem to work. I have tried a few test links and none of them actually did anything except display some XML jibberish in my browser. There are also many other reports of people trying to write their own code and the only results they could achieve were crashing Quicktime. So as far as this bug is concerned, I do not think it is time to worry yet.
     
    cashmonee, Jan 2, 2007
    #1
  2. hollownail

    hollownail Individual 11

    Reputations:
    374
    Messages:
    2,916
    Likes Received:
    0
    Trophy Points:
    55
    Nice catch cash. I know that these type of exploits have been around for a while and can be pretty bad on Windows.
     
    hollownail, Jan 2, 2007
    #2