Apple.QuickTime.For.Java.Information.Disclosure

description-logoDescription

It indicates a possible exploit of an information disclosure vulnerability in QuickTime for Java on Mac OS X, when used with Quartz Composer. It may allow remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.

affected-products-logoAffected Products

Apple Mac OS X Server 10.4.8
Apple Mac OS X 10.4.8

Impact logoImpact

Information disclosure.

recomended-action-logoRecommended Actions

The vendor has released an advisory and fixes to address this issue. Please see the references for more information.
Apple Mac OS X Server 10.4.8
* Apple SecUpd2006-008Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=12412&cat= 1&platform=osx&method=sa/SecUpd2006-008Ti.dmg
* Apple SecUpd2006-008Univ.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=12413&cat= 1&platform=osx&method=sa/SecUpd2006-008Univ.dmg
Apple Mac OS X 10.4.8
* Apple SecUpd2006-008Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=12412&cat= 1&platform=osx&method=sa/SecUpd2006-008Ti.dmg
* Apple SecUpd2006-008Univ.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=12413&cat= 1&platform=osx&method=sa/SecUpd2006-008Univ.dmg

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)