Apple releases QuickTime 7.4.1 for Leopard, Tiger and Panther
The software update patches a vulnerability where visiting a malicious website could lead to an unexpected application termination or arbitrary code execution.
"A heap buffer overflow exists in QuickTime's handling of HTTP responses when RTSP tunneling is enabled," Apple said. "By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution."
QuickTime 7.4.1 addresses the issue through improved bounds checking.
AppleInsider has affiliate partnerships and may earn commission on products purchased through affiliate links. These partnerships do not influence our editorial content.