Note: This page is part of the archive.

This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact if you have any questions about the US-CERT website archive.

Alert (TA07-310A)

Apple QuickTime Updates for Multiple Vulnerabilities

Systems Affected

Vulnerabilities in Apple QuickTime affect
  • Apple Mac OS X
  • Microsoft Windows


Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.


Apple QuickTime 7.3 resolves multiple vulnerabilities in the way different types of image and media files are handled. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted image or media file that could be hosted on a web page.

Note that Apple iTunes installs QuickTime, so any system with iTunes is vulnerable.


These vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or commands and cause a denial-of-service condition. For further information, please see About the security content of QuickTime 7.3.


Upgrade QuickTime

Upgrade to QuickTime 7.3. This and other updates for Mac OS X are available via Apple Update.

Secure your web browser

To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser.


Revision History

  • November 06, 2007: Initial release

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we'd welcome your feedback.