====================================================================

                                 CERT-Renater

                      Note d'Information No. 2016/VULN002
_____________________________________________________________________

DATE                : 07/01/2016

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running QuickTime versions prior to 7.7.9.

======================================================================
http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html
_____________________________________________________________________

APPLE-SA-2016-01-07-1 QuickTime 7.7.9

QuickTime 7.7.9 is now available and addresses the following:

QuickTime
Available for:  Windows 7 and Windows Vista
Impact:  Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description:  Multiple memory corruption issues existed in QuickTime.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-7085 : an anonymous researcher
CVE-2015-7086 : an anonymous researcher
CVE-2015-7087 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7088 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7089 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7090 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-7091 : Pedro Ribeiro (email@hidden <mailto:email@hidden>) of 
Agile Information
Security
CVE-2015-7092 : Jaanus Kp Clarified Security working with HP's Zero
Day Initiative
CVE-2015-7117 : Ryan Pentney and Richard Johnson of Cisco Talos


==========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================