lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
Order Openwall GNU/*/Linux 2.0 on a CD with delivery worldwide
[<prev] [next>] [month] [year] [list] 
Date: Wed, 5 Dec 2007 02:53:13 +0200 (EET)
From: Juha-Matti Laurio <juha-matti.laurio@...ti.fi>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: The recent number of unpatched QuickTime flaws is: two

The QuickTime RTSP vulnerability reported on 23th Nov is not the only unpatched remote vulnerability in QuickTime player.

It appears that WabiSabiLabi team has reported that there is another (they call it zero-day vuln) flaw too, affecting to XP systems.

The CVE name for this second issue reported by unknown person is CVE-2007-6238. The CVSS score is 10.0, in turn.

I have written a summary with reference links here:
http://blogs.securiteam.com/?p=1046

- Juha-Matti

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux