Comments on: Severe QuickTime vulnerability in Firefox disclosed

By: Firefox 2.0.0.7 update fixes QuickTime vulnerability : Mozilla Links

Firefox 2.0.0.7 update fixes QuickTime vulnerability : Mozilla Links — Wed, 19 Sep 2007 01:26:19 +0000

[...] has released a critical security update for Firefox that patches a vulnerability involving Apple’s QuickTime plugin reported last week due to a number of design flaws including interpreting command files (.qtl) [...]

By: Â·Â¨-=[WHK]=-Â¨Â· » Archive » Zero day en QuickTime de apple permite la ejecuciÃ³n de cÃ³digos remotamente (

Fri, 14 Sep 2007 23:45:28 +0000

[...] Severe QuickTime vulnerability in Firefox disclosed : Mozilla Links [...]

By: David

David — Fri, 14 Sep 2007 20:17:42 +0000

I tried one of the Gnucitizen tests. McAfee antivirus popped up a note saying it had quarantined a trojan–though, FWIW, the Gnucitizen script had already succeeded in launching the calculator.

By: QuickTime Vulnerability « Firefox Extension Guru’s Blog

QuickTime Vulnerability « Firefox Extension Guru’s Blog — Fri, 14 Sep 2007 20:09:40 +0000

[...] Links [1, [...]

By: Update on QuickTime plugin vulnerability : Mozilla Links

Update on QuickTime plugin vulnerability : Mozilla Links — Thu, 13 Sep 2007 14:59:53 +0000

[...] Snyder, Mozilla Security Office has confirmed the vulnerability affecting the QuickTime plugin on Firefox and informed that Mozilla is already working on a patch with [...]

By: Olhado

Olhado — Thu, 13 Sep 2007 10:31:13 +0000

NoScript seems to stop it, so installing an extension that you all should be using anyway will greatly limit the danger (I guess it will not eliminate it, since someone could still inject a malicious file into one of your trusted websites…).

By: Percy Cabello

Percy Cabello — Wed, 12 Sep 2007 15:03:16 +0000

pdp, thanks for the correction. The link is now updated.

By: pdp

pdp — Wed, 12 Sep 2007 14:30:55 +0000

the link is wrong. this is the right one: http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox

and thanks for the detail description…

cheers