Apple.QuickTime.For.Java.Information.Disclosure
Description
It indicates a possible exploit of an information disclosure vulnerability in QuickTime for Java on Mac OS X, when used with Quartz Composer. It may allow remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.
Affected Products
Apple Mac OS X Server 10.4.8
Apple Mac OS X 10.4.8
Impact
Information disclosure.
Recommended Actions
The vendor has released an advisory and fixes to address this issue. Please see the references for more information.
Apple Mac OS X Server 10.4.8
* Apple SecUpd2006-008Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=12412&cat= 1&platform=osx&method=sa/SecUpd2006-008Ti.dmg
* Apple SecUpd2006-008Univ.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=12413&cat= 1&platform=osx&method=sa/SecUpd2006-008Univ.dmg
Apple Mac OS X 10.4.8
* Apple SecUpd2006-008Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=12412&cat= 1&platform=osx&method=sa/SecUpd2006-008Ti.dmg
* Apple SecUpd2006-008Univ.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=12413&cat= 1&platform=osx&method=sa/SecUpd2006-008Univ.dmg
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |