=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2004/VULN460
_____________________________________________________________________

DATE                      : 28/10/2004

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Mac OS X v10.3.x, Mac OS X Server v10.3.x,
                             Mac OS X v10.2.8, Mac OS X Server v10.2.8,
                             Windows XP, Windows 2000, Windows ME,
                               Windows 98 running QuickTime 6.5.2.

======================================================================

APPLE-SA-2004-10-27 QuickTime 6.5.2

QuickTime 6.5.2 is now available and delivers the following security
enhancements:

CVE-ID: CAN-2004-0988
Available for:  Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows
ME and Microsoft Windows 98
Impact:  An integer overflow that may be exploitable in an HTML environment
Description:  A sign extension of an overflowed small integer can result in a
very large number being passed to a memory move function. The fix prevents the
small integer from overflowing.  This issue does not exist in QuickTime for
Mac OS X systems.  Credit to John Heasman of Next Generation Security Software Ltd.
for reporting this issue.

CVE-ID: CAN-2004-0926
Available for:  Mac OS X v10.3.x, Mac OS X Server v10.3.x, Mac OS X v10.2.8,
Mac OS X Server v10.2.8, Microsoft Windows XP, Microsoft Windows 2000,
Microsoft Windows ME and Microsoft Windows 98
Impact:  A heap buffer overflow could allow attackers to execute arbitrary code
Description:  Flaws in decoding the BMP image type could overwrite heap memory and
potentially allow the execution of arbitrary code hidden in an image. This is the
same security enhancement that was made available in Security Update 2004-09-30,
and can be deployed on the additional system configurations covered by this
QuickTime update.

QuickTime 6.5.2 may be obtained from the Software Update pane in System Preferences,
or Apple's QuickTime web site: http://www.apple.com/quicktime/download/

Information will also be posted to the Apple Product Security web site:
http://www.apple.com/support/security/security_updates.html

This message is signed with Apple's Product Security PGP key, and details are
available at: http://www.apple.com/support/security/security_pgp.html

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================