What is fixed in QuickTime 6.1.1

Yesterday Apple released QuickTime 6.1.1, which Apple says has important bug fixes to MPEG-4 streaming.

iDEFENSE has since issued a Security Advisory noting an exploitable buffer overflow condition in the Windows version of QuickTime Player, allowing for the remote execution of arbitrary code.

The vulnerability lies in the processing of long QuickTime URL's (quicktime:// or through the -u switch). A URL containing 400 characters will overrun the allocated space on the stack overwriting the saved instruction pointer (EIP). This will thereby allow an attacker to redirect the flow of control.

"Any remote attacker can compromise a target system if he or she can convince a user to load a specially crafted exploit URL. Upon successful exploitation, arbitrary code can be executed under the privileges of the user who launched QuickTime."

For more information, and a download of QuickTime 6.1.1, visit VersionTracker.

Resources