bugtraq - APPLE-SA-2016-01-07-1 QuickTime 7.7.9

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [day] [month] [year] [list]

Date: Thu, 7 Jan 2016 16:07:02 -0800
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: APPLE-SA-2016-01-07-1 QuickTime 7.7.9

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-01-07-1 QuickTime 7.7.9

QuickTime 7.7.9 is now available and addresses the following:

QuickTime
Available for:  Windows 7 and Windows Vista
Impact:  Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description:  Multiple memory corruption issues existed in QuickTime.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-7085 : an anonymous researcher
CVE-2015-7086 : an anonymous researcher
CVE-2015-7087 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7088 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7089 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7090 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7091 : Pedro Ribeiro (pedrib@...il.com <mailto:pedrib@...il.com>) of Agile Information
Security
CVE-2015-7092 : Jaanus Kp Clarified Security working with HP's Zero
Day Initiative
CVE-2015-7117 : Ryan Pentney and Richard Johnson of Cisco Talos

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org <https://gpgtools.org/>

iQIcBAEBCgAGBQJWjuROAAoJEBcWfLTuOo7tBzIQAIl0NnIVeKBmNEkpptnqkSbF
7TjTFTq38Jk+iQIabC3H3e5Gei7/0j87www+H6YDVCG93XvTVwOi+OkB3/Rgd7ah
EiN6hFX4ZyTc/lLZ4ZQ1dRnHmOJlPSwwa0us4GQMLzl0ZScGYZo9L84agorws8MZ
WsNyGcNvhR3vUxMkEx8ANvFKTAm9UO082/ugWICeYQL0ceHYRFPzXZARVn02ASmQ
Q9wdPhIA0qaB8LQKwN8UnzBeBA4ytnoKjIGsbsNoYmaOzcgEs2k1rbMymsXJNG7r
pNCBKpFro25SahdF2FZDVt0TJs+EKbWX+VPSmdWQMdbsWsbS0mNhkWFIAOUpps0y
Q0ohk3ctoD8L5ejyqrlcfK4fPIwCU1sBDEOYZtPvz8EK9RNRU4+iehQqYSDiUp02
UA83r4LkGt1zEdomAIMV/QtzhFkKl++tfHt6JuqOWx/9C0vpv7B6fbGNt+ABujXa
+JUDa/QS1TUVqkVCR86BSz2xWZPQdVjZGyXSTJHslz1sDsHs+mCju1trI83Je6W1
cD5y3kkBBfGjElQ6stl5lHJGGp8PXxu+e6A4c1nRv6DeUyl8FZi0As+459WAkowg
vkSMyaUXUEbt15e5xoTxhzce9dPDczPy2+2uvNCOKMvJt89QIDnoaXteUHSXHcrD
naf/Oh37SbzvWAzkYYnB
=4BZX
-----END PGP SIGNATURE-----